2. Tech
  3. Tomcat security domain settings

Tomcat security domain settings

xiaoxiao2021-03-06  42

The security domain is a Tomcat built-in function, declares that Tomcat5 provides four classes that implement this interface in the Org.Apache.catalina.Realm interface. They represent four security domain types. Let me introduce its related configuration, and its application methods. Operating environment: Windows2000, Tomcat 5.0.28, JDK1.5, JDBC3.0, SQLServer2000, Test Directory:% Tomcat% / WebApps / Area directory.

1. Memory Domain: Class name, MemoryRealm; In the initialization phase, secure verification information is read from the XML file and put them in memory in the form of a set of objects. There are three ways to access the resource: Basic, Digest, Form. Using Basic Authentication is considered unsafe because it doesn't have a strong encryption method unless HTTPS or other password encryption code is used in the client and server side (for example, in a virtual private network).

Profile% Tomcat% / conf / catalina / localhost / area.xml is: Web application WEB-INF / Web.xml is: sessionTest SECRUITY CONSTRAINT protected area / test / * Cool Basic sess Iontest Realm Digest sessionTest Realm -> form sessiontest realm <

Form-login-config> /userCheck.jsp

If Form verification is used, UserCheck.jsp, the main parameters (do not change it) set:



-> session jdbctest Cool Base / TEST / * Represents protected resources to: http: // localhost: 8080 / area / test / all resources under. Role Role Cool Add: 2. JDBC Domain : Class name, JDBCREALM, access security verification in the existing database via JDBC driver. 3. Data source domain: Class name, DataSourceRealm, access security verification information in the database via JNDI data source. 4. JNDI Domain: Class name, JNDIREALM, access security verification information stored in LDAP-based directory servers via JNDIPROVEIDER. Time is limited, and the editor is edited to modify it.

转载请注明原文地址:https://www.9cbs.com/read-62858.html

9cbs

New Post(0)