Tomcat security constraint for valid user

前端未结

关注

 3  565

北荒 2021-02-06 11:26

I\'m trying to protect a resource in tomcat so that only \"valid users\" (those with a valid login and password in the realm) can access it. They do not necessarily belong to a

3条回答

难免孤独 (楼主)

2021-02-06 12:21
If we are using Tomcat 8.x , as the provided server.xml will come in a nested Realm element, please add 'allRolesMode="authOnly"' in the "outmost" Realm element and change aforementioned web.xml for testing. e.g.
```
  
    
    
  
```
Please read org.apache.catalina.realm.RealmBase.java for details.

Also, following settings in logging.properties are useful.
```
org.apache.catalina.realm.level=ALL
org.apache.catalina.realm.useParentHandlers=true
org.apache.catalina.authenticator.level=ALL
org.apache.catalina.authenticator.useParentHandlers=true
```
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...