web.xml增加如下配置
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>
admin
</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
tomcat-users.xml中增加如下配置
<role rolename="admin"/>
<user password="liyuhang" roles="admin" username="liyuhang"/>
首次访问网站就会弹出身份验证的输入框,在输入用户名和密码后就可以正常访问 网站,以后每次访问网站的请求的头部都会假如Authorization信息