小试tomcat基本安全认证
来源:互联网 发布:spss数据分析应用案例 编辑:程序博客网 时间:2024/05/01 04:23
背景:tomcat-5.5.12设置为远程服务器
服务端设置:
Step 1) 打开${tomcat_home}/conf/tomcat-users.xml
加入如下代码:
<role rolename="test"/>
<user username="a" password="b" roles="test"/>
<user username="a" password="b" roles="test"/>
Step2)修改web.xml
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/test/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>test</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses BASIC authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>WebService Form-Based Authentication Area</realm-name>
</login-config>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/test/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>test</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses BASIC authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>WebService Form-Based Authentication Area</realm-name>
</login-config>
对网站/test/下的任何请求采用基本安全认证
客户端编程:
客户端通过httpclient-2.0.2请求该url,方法如下:
HttpClient httpClient = new HttpClient();
Credentials defaultcreds = new UsernamePasswordCredentials("a", "b");
httpClient.getState().setCredentials("WebService Form-Based Authentication Area","www.cat.cn",defaultcreds);
String url = "http://www.cat.cn/test/index.do";
GetMethod method = new GetMethod(url);
method.setDoAuthentication( true );
httpClient.executeMethod(method);
String s = method.getResponseBodyAsString();
System.out.println(s);
Credentials defaultcreds = new UsernamePasswordCredentials("a", "b");
httpClient.getState().setCredentials("WebService Form-Based Authentication Area","www.cat.cn",defaultcreds);
String url = "http://www.cat.cn/test/index.do";
GetMethod method = new GetMethod(url);
method.setDoAuthentication( true );
httpClient.executeMethod(method);
String s = method.getResponseBodyAsString();
System.out.println(s);
- 小试tomcat基本安全认证
- svn基本安全认证
- tomcat中配置安全认证
- Tomcat的Form安全认证
- tomcat https 安装安全认证
- tomcat基本安全配置
- 基本的安全和HTTP认证
- 基于HTTP的基本安全认证机制
- 12.3 基本认证的安全缺陷
- Node.js实践HTTP安全认证之一~~基本认证
- HTTPS安全认证在Tomcat中的配置方法与图解
- tomcat 安全认证 Realm 及 多种类型 Realm 配置
- 安全认证
- 安全认证
- 安全认证
- 安全更新与安全认证
- ASP.NET 安全认证
- ASP.NET 安全认证
- 跟我一起写 Makefile (共 14 篇)
- 汉字符到十六进制:
- C#使用ICSharpCode.SharpZipLib压缩文件
- 明天考6级
- 什么是Windows能干而Linux干不了的?(1)
- 小试tomcat基本安全认证
- 什么是Windows能干而Linux干不了的?(2)
- 好方法记单词
- 什么是Windows能干而Linux干不了的?(3)
- 什么是Windows能干而Linux干不了的?(4)
- [转]JS+DOM的通用性
- 什么是Windows能干而Linux干不了的?(5)
- 在对话框中使用picture control显示静态图片的方法
- oracle 中序列的创建和使用