在你的tomcat/conf/Catalina/localhost/${webapp}.xml里面<Context>标签中加上 <ResourceLink name="users" global="UserDatabase" type="org.apache.catalina.UserDatabase"/>在你的webapp/WEB-INF/web.xml里面加上 <!-- Define reference to the user database for looking up roles --> <resource-env-ref> <description> Link to the UserDatabase instance from which we request lists of defined role names. Typically, this will be connected to the global user database with a ResourceLink element in server.xml or the context configuration file for the Manager web application. </description> <resource-env-ref-name>users</resource-env-ref-name> <resource-env-ref-type> org.apache.catalina.UserDatabase </resource-env-ref-type> </resource-env-ref> <!-- Define a Security Constraint on this Application --> <security-constraint> <web-resource-collection> <web-resource-name>Authorization</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <!-- NOTE: This role is not present in the default users file --> <role-name>authRole</role-name> </auth-constraint> </security-constraint> <!-- Define the Login Configuration for this Application --> <login-config> <auth-method>BASIC</auth-method> <realm-name>Authorization Application</realm-name> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to the Authorization Application </description> <role-name>authRole</role-name> </security-role>然后在你的tomcat/conf/tomcat-user.xml里面增加用户abc(密码123),所属的role是authRole <user name="abc" password="123" roles="authRole" />
<ResourceLink name="users" global="UserDatabase"
type="org.apache.catalina.UserDatabase"/>在你的webapp/WEB-INF/web.xml里面加上 <!-- Define reference to the user database for looking up roles -->
<resource-env-ref>
<description>
Link to the UserDatabase instance from which we request lists of
defined role names. Typically, this will be connected to the global
user database with a ResourceLink element in server.xml or the context
configuration file for the Manager web application.
</description>
<resource-env-ref-name>users</resource-env-ref-name>
<resource-env-ref-type>
org.apache.catalina.UserDatabase
</resource-env-ref-type>
</resource-env-ref> <!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Authorization</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>authRole</role-name>
</auth-constraint>
</security-constraint> <!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Authorization Application</realm-name>
</login-config> <!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Authorization Application
</description>
<role-name>authRole</role-name>
</security-role>然后在你的tomcat/conf/tomcat-user.xml里面增加用户abc(密码123),所属的role是authRole
<user name="abc" password="123" roles="authRole" />
tomcat/conf/Catalina/manager.xml
tomcat/server/webapps/manager/WEB-INF/web.xml