例如你要控制對ROOT目錄下文件的訪問:
首先更改$TOMCAT_HOME/ROOT/WEB-INF/web.xml
1。在<web-app>和</web-app>之間加入
? <security-constraint>
??? <web-resource-collection>
????? <web-resource-name>Entire Application</web-resource-name>
????? <url-pattern>/*</url-pattern>
??? </web-resource-collection>
??? <auth-constraint>
?????? <!-- NOTE:? This role is not present in the default users file -->
?????? <role-name>user</role-name>
??? </auth-constraint>
? </security-constraint>
? <!-- Define the Login Configuration for this Application -->
? <login-config>
??? <auth-method>BASIC</auth-method>
??? <realm-name>TEST ACCESS CONTROL</realm-name>
? </login-config>
2。然后在$TOMCAT_HOME/conf/tomcat-users.xml中加入
?? <user name="user" password="password" roles="user"/>
?? roles的名字和web.xml中的相對應
posted on 2006-12-19 14:20
happytian 閱讀(428)
評論(0) 編輯 收藏