Java Web应用程序,tomcat 6
我的web.xml是这样的,我在末尾添加了一个标记Java Web应用程序,tomcat 6,java,tomcat,Java,Tomcat,我的web.xml是这样的,我在末尾添加了一个标记 <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:sch
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>LoginRemote</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<description></description>
<display-name>remoteSample</display-name>
<servlet-name>remoteSample</servlet-name>
<servlet-class>com.src.remoteSample</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>remoteSample</servlet-name>
<url-pattern>/remoteSample</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
</web-app>
仅添加登录配置是不够的。你错过了两件事:
tomcatAuthentication
的值肯定应该是true
,否则Tomcat会假定身份验证是由另一个服务(例如apachehttp)完成的,因此不会尝试执行任何类型的身份验证此外,如果您选择使用基本身份验证,那么解决此问题的另一种方法是通过调用
request.getHeader(“authentication”)
检查authentication
头的值,并直接从“BASIC”之后出现的Base64编码字符串中提取用户信息。但是,请注意,当Tomcat处理身份验证时,它也会从请求中删除授权标头,这意味着您可以将此方法用作让Tomcat处理身份验证的替代方法,但不能与之结合使用。感谢您的回答。但是,即使如此,我也会将request.getHeader的答案设置为null(“身份验证”)。请查看我编辑的问题。我没有教程中给出的任何表单。我必须获取登录到远程计算机的用户的用户名和密码。
<Connector connectionTimeout="20000" port="9000" protocol="HTTP/1.1" redirectPort="8443" />
package com.src;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class remoteSample extends HttpServlet {
private static final long serialVersionUID = 1L;
public remoteSample() {
super();
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
response.setContentType("text/html;charset=UTF-8");
System.out.println("login info:"+request.getHeader("Authentication"));
System.out.println("Authentication type:"+request.getAuthType());
//printWriter.println(""+ServiceContextHolder.getContext().getAuthentication().getName());
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
}
}
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>