- tomcat-user.xml 里面配置登录的用户密码
<role rolename="saploginuser"/>
<user username="admin" password="123123" roles="saploginuser"/>
- 项目web.xml 里面配置用户验证方式
<security-constraint>
<web-resource-collection>
<http-method>GET</http-method>
<http-method>POST</http-method>
<web-resource-name>tomcat protect page</web-resource-name>
<!-- /soapwebservice目录下的所有资源是受保护的 -->
<url-pattern>/soapwebservice/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- 这里的saploginuser要与tomcat-user.xml中配置的role一致 -->
<role-name>saploginuser</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<!-- 验证方式,可选的值为: "BASIC", "DIGEST", "FORM", "CLIENT-CERT" -->
<auth-method>BASIC</auth-method>
<!-- 使用的Realm名字,注意这里不能有空格 -->
<realm-name>SAPWEBSERVICELOGIN</realm-name>
</login-config>