Modify roles in Tomcat and implement the login verification box function

A prompt box will appear during FTP login. This function can be implemented by configuring our files without writing any code.

1. modify a role (add or delete a role)

Conf/tomcat-users.xml to store Tomcat roles, default roles such as admin, manager, if you want to add custom roles, you can

In the <User Username = "xiazdong" Password = "xiazdong" roles = "user"/> Format, We have configured a user named xiazdong, the password is xiazdong, And the role is user.

If Tomcat is restarted, A <role rolename = "user"/> statement is automatically generated in the tomcat-users.xml.

2. Implement login verification

In WEB-INF/Web. XML, you need to write

<Security-constraint> <web-resource-collection> <web-resource-Name> registerusers </Web-resource-Name> <URL-pattern>/demo/security. JSP </url-pattern> <! -- Verify the webpage location --> </Web-resource-collection> <auth-constraint> <role-Name> User </role-Name> <! -- Verified role, do not write the username as --> </auth-constraint> </security-constraint> <login-config> <auth-method> basic </auth-method> <! -- Key --> <realm-Name> registered users </realm-Name> </login-config> <security-role> <role-Name> User </role-Name> <! -- Verify the role. Do not write it as the user name --> </security-role>

Restart tomcat, you can write a Security. jsp file to verify it.

Enter the username xiazdong and password xiazdong to log on to the webpage.

If the role is a user, you can see the webpage.

<%@ page contentType="text/html" language="java" pageEncoding="GB2312"%>