1. 技术文章
  2. Confusing about <security-role> in web.xml

Confusing about <security-role> in web.xml

倾然丶 夕夏残阳落幕 提交于 2019-12-04 15:14:17

问题


I'm understand that <security-role><role-name>Admin</role-name></security-role> is for container map it with tomcat-users.xml (realm)

but I confuse about if I didn't use realm but I use database how container know which field in my database is for role-name or it have naming convention in database field name like "role_name" and container will know it

Thank you for every advices


回答1:


Just use a database realm and configure the table and column names in a <Realm> element in server configuration file. For Tomcat, this is described in the Realm HOWTO. Here's an extract of relevance, from the JDBCRealm chapter:

Quick Start

To set up Tomcat to use JDBCRealm, you will need to follow these steps:

  1. If you have not yet done so, create tables and columns in your database that conform to the requirements described above.
  2. Configure a database username and password for use by Tomcat, that has at least read only access to the tables described above. (Tomcat will never attempt to write to these tables.)
  3. Place a copy of the JDBC driver you will be using inside the $CATALINA_HOME/lib directory. Note that only JAR files are recognized!
  4. Set up a <Realm> element, as described below, in your $CATALINA_BASE/conf/server.xml file.
  5. Restart Tomcat 6 if it is already running.

Realm Element Attributes

To configure JDBCRealm, you will create a <Realm> element and nest it in your $CATALINA_BASE/conf/server.xml file, as described above. The attributes for the JDBCRealm are defined in the Realm configuration documentation.

Example

An example SQL script to create the needed tables might look something like this (adapt the syntax as required for your particular database):

create table users (
  user_name         varchar(15) not null primary key,  
  user_pass         varchar(15) not null
);

create table user_roles (
  user_name         varchar(15) not null,
  role_name         varchar(15) not null,
  primary key(user_name, role_name)
);

Example Realm elements are included (commented out) in the default $CATALINA_BASE/conf/server.xml file. Here's an example for using a MySQL database called "authority", configured with the tables described above, and accessed with username "dbuser" and password "dbpass":

<Realm className="org.apache.catalina.realm.JDBCRealm"
      driverName="org.gjt.mm.mysql.Driver"  
   connectionURL="jdbc:mysql://localhost/authority?user=dbuser&amp;password=dbpass"
       userTable="users" userNameCol="user_name" userCredCol="user_pass"   
   userRoleTable="user_roles" roleNameCol="role_name"/>

Pretty clear, isn't it? If you already have a JDBC datasource configured in Tomcat (for connection pooling and on), then you can also use DataSourceRealm instead.

The tomcat-users.xml which you're talking about is by the way called UserDatabaseRealm.



来源:https://stackoverflow.com/questions/5294252/confusing-about-security-role-in-web-xml

标签
java
database
Tomcat
web.xml
realm
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!