JDBCRealm Http Digest
2015-12-21 00:00
645 查看
JDBCRealm
授权信息存在关系数据库中, 通过JDBC驱动访问
数据库中必须至少有两张表,表示用户及角色
用户表必须至少有两个字段,用户名及密码
角色表必须至少有两个字段,用户名及角色
[html] view plaincopy
CREATE TABLE users (
user_name VARCHAR(15) NOT NULL PRIMARY KEY,
user_pass VARCHAR(15) NOT NULL
);
CREATE TABLE user_roles (
user_name VARCHAR(15) NOT NULL,
role_name VARCHAR(15) NOT NULL,
PRIMARY KEY (user_name, role_name)
);
[html] view plaincopy
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
Password to be recognized by Tomcat when the user logs in. This value may in cleartext or digested - see below for more information.
create table users (
user_name varchar(15) not null primary key,
user_pass varchar(15) not null
);
create table user_roles (
user_name varchar(15) not null,
role_name varchar(15) not null,
primary key (user_name, role_name)
);
$CATALINA_BASE/conf/server.xml
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/test?user=root&password=root"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
ost Tomcat packages include a script ($TOMCAT_HOME/bin/digest.shor .bat for Windows)that can be used to create a one-way digest of a
password.I use this, in conjunction with file permissions, to protect
the Tomcat manager password in$TOMCAT_HOME/conf/tomcat-users.xmlfrom prying eyes.
1.To use SHA, update$TOMCAT_HOME/conf/server.xmlso that:
resourceName="UserDatabase"/>
reads
digest="SHA" resourceName="UserDatabase"/>
2.Then create your digest by running (replacingcredentialswith the password you want to digest):$TOMCAT_HOME/bin/digest -a SHA credentials
This will output the plaintext and then the digested form of the credentials separated by a colon – e.g. for ‘foo’:foo:0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33
3.Take the second part and place this into thepasswordattribute of theuserelement intomcat-users.xml– e.g.:
password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
roles="admin,manager"/>
4.Restart Tomcat for it to take effect.
Fromhttp://leanjavaengineering.wordpress.
D:\Ken\httpauth\bin>digest.bat -a md5 654123
654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57
D:\Ken\httpauth\bin>digest.bat -a md5 123456
123456:e10adc3949ba59abbe56e057f20f883e
D:\Ken\httpauth\bin>digest.bat -a md5 t:Realm:123456
t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612
D:\Ken\httpauth\bin>
D:\Ken\httpauth\bin>digest.bat -a md5 654123
654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57
D:\Ken\httpauth\bin>digest.bat -a md5 123456
123456:e10adc3949ba59abbe56e057f20f883e
D:\Ken\httpauth\bin>digest.bat -a md5 t:Realm:123456
t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612
D:\Ken\httpauth\bin>digest.bat -a md5 t:WebApi:123456
t:WebApi:123456:bb80940c5ff834aef1b2652eddcef09c
D:\Ken\httpauth\bin>
Http Digest认证中
1.Java/Android可以通过httpcomponents组件完成Digest认证
2.认证相关的角色及用户信息 可配置在数据库中存储,且密码字段可加密。
授权信息存在关系数据库中, 通过JDBC驱动访问
数据库中必须至少有两张表,表示用户及角色
用户表必须至少有两个字段,用户名及密码
角色表必须至少有两个字段,用户名及角色
[html] view plaincopy
CREATE TABLE users (
user_name VARCHAR(15) NOT NULL PRIMARY KEY,
user_pass VARCHAR(15) NOT NULL
);
CREATE TABLE user_roles (
user_name VARCHAR(15) NOT NULL,
role_name VARCHAR(15) NOT NULL,
PRIMARY KEY (user_name, role_name)
);
[html] view plaincopy
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
Password to be recognized by Tomcat when the user logs in. This value may in cleartext or digested - see below for more information.
create table users (
user_name varchar(15) not null primary key,
user_pass varchar(15) not null
);
create table user_roles (
user_name varchar(15) not null,
role_name varchar(15) not null,
primary key (user_name, role_name)
);
$CATALINA_BASE/conf/server.xml
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/test?user=root&password=root"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
ost Tomcat packages include a script ($TOMCAT_HOME/bin/digest.shor .bat for Windows)that can be used to create a one-way digest of a
password.I use this, in conjunction with file permissions, to protect
the Tomcat manager password in$TOMCAT_HOME/conf/tomcat-users.xmlfrom prying eyes.
1.To use SHA, update$TOMCAT_HOME/conf/server.xmlso that:
resourceName="UserDatabase"/>
reads
digest="SHA" resourceName="UserDatabase"/>
2.Then create your digest by running (replacingcredentialswith the password you want to digest):$TOMCAT_HOME/bin/digest -a SHA credentials
This will output the plaintext and then the digested form of the credentials separated by a colon – e.g. for ‘foo’:foo:0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33
3.Take the second part and place this into thepasswordattribute of theuserelement intomcat-users.xml– e.g.:
password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"
roles="admin,manager"/>
4.Restart Tomcat for it to take effect.
Fromhttp://leanjavaengineering.wordpress.
D:\Ken\httpauth\bin>digest.bat -a md5 654123
654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57
D:\Ken\httpauth\bin>digest.bat -a md5 123456
123456:e10adc3949ba59abbe56e057f20f883e
D:\Ken\httpauth\bin>digest.bat -a md5 t:Realm:123456
t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612
D:\Ken\httpauth\bin>
D:\Ken\httpauth\bin>digest.bat -a md5 654123
654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57
D:\Ken\httpauth\bin>digest.bat -a md5 123456
123456:e10adc3949ba59abbe56e057f20f883e
D:\Ken\httpauth\bin>digest.bat -a md5 t:Realm:123456
t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612
D:\Ken\httpauth\bin>digest.bat -a md5 t:WebApi:123456
t:WebApi:123456:bb80940c5ff834aef1b2652eddcef09c
D:\Ken\httpauth\bin>
Http Digest认证中
1.Java/Android可以通过httpcomponents组件完成Digest认证
2.认证相关的角色及用户信息 可配置在数据库中存储,且密码字段可加密。
相关文章推荐
- HttpServletResponse 下载附件
- java net.URLConnection http请求
- Linux无线网络设置(wpa_supplicant的使用)
- http://www.cnblogs.com/xdp-gacl/p/3951952.html
- 在中国网络管理技术大会上的主题演讲
- TCP 的那些事儿(下)
- 图与网络分析
- TCP 的那些事儿(上)
- WebKit之XMLHttpRequest简单分析
- android网络编程之HttpUrlConnection的讲解--实现文件的断点上传
- DIY_hlstudio_WIN7PE【69M】网络版【89M】
- 网络爬虫入门
- TCP/IP协议工作原理简述
- linux下改动内核參数进行Tcp性能调优 -- 高并发
- Android 使用Retrofit2.0 + OKHttp 实现 HTTP协议请求
- HTTP 1.1与HTTP 1.0的比较
- linux下TCP编程示例(服务端/客户端)
- Python之最简单的http的echo 服务
- 卷积神经网络 资料
- poj 3281 网络流最大流量