关于Tomcat的j_security_check

Question

我是否必须做任何事情来激活Tomcat来处理对j_security_check的调用？配置和HTML代码如下.我收到此错误:

错误信息

类型状态报告

message /(context path)/ ProviderManager/j_security_check

description请求的资源(/(上下文路径)/ ProviderManager/j_security_check)不可用.

web.xml中

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>

    <security-constraint>
        <display-name>Constraint1</display-name>
        <web-resource-collection>
            <web-resource-name>ProviderManager</web-resource-name>
            <description/>
            <url-pattern>/ProviderManager/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>tomcat</role-name>
        </auth-constraint>
    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/ProviderManager/login.jsp</form-login-page>
            <form-error-page>/ProviderManager/error.jsp</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <description/>
        <role-name>tomcat</role-name>
    </security-role>
</web-app>

的tomcat-users.xml中

<tomcat-users>

  <role rolename="tomcat"/>
  <role rolename="role1"/>

  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>

  <user username="ide" password="mgPNx5x5" roles="manager-script,admin"/>
</tomcat-users>

的login.html

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <form action="j_security_check" method="POST">
           Username:<input type="text" name="j_username"><br>
           Password:<input type="password" name="j_password">
           <input type="submit" value="Login">
        </form>
    </body>
</html>

提前致谢,

圭多

Answer 1

action登录表单页面中的参数被解释为相对于登录页面的URL的URL,因此当您提交表单时,浏览器会向URL发送POST请求到服务器/[context-path]/ProviderManager/j_security_check.servlet容器/[context-path]/j_security_check用作对webapp的身份验证请求的路径.

以下任何一项都应该解决这个问题:

1. action将登录页面中的参数更改为../j_security_check.
2. action将登录页面中的参数更改为/[context-root]/j_security_check
3. 将登录页面移动到应用程序上下文根目录.