tomcat的conf文件夹中 修改tomcat-users.xml:
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="admin" password="admin" roles="admin,manager"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>
web.xml中添加
<security-constraint>
<display-name>MyCMS</display-name>
<web-resource-collection>
<web-resource-name>jack</web-resource-name> <!-- 任意 -->
<url-pattern>/jack/*</url-pattern> <!-- action所在的名称空间为jack中的所有文件 -->
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name> <!-- 与tomcat-users.xml中的对应 -->
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>input authentication message</realm-name>
</login-config>
<security-role>
<description>
The role that is required to log in to the Administration Application
</description>
<role-name>admin</role-name>
</security-role>