Tomcat 签名认证配置简例

在项目的web.xml中增加

<security-constraint>
        <web-resource-collection>
            <web-resource-name>Restricted Area</web-resource-name>
            <url-pattern>/data</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>tomcat</role-name>
            <role-name>author</role-name>
            <role-name>reader</role-name>
            <role-name>xujie</role-name>

        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>DIGEST</auth-method>
        <realm-name>Authenticate yourself</realm-name>
    </login-config>

这样访问data的时候需要输入tomcat-user.xml中配置的用户名密码了

​