JDBCRealm Http Digest

JDBCRealm 受權信息存在關係數據庫中, 經過JDBC驅動訪問 數據庫中必須至少有兩張表，表示用戶及角色 用戶表必須至少有兩個字段，用戶名及密碼 角色表必須至少有兩個字段，用戶名及角色 [html] view plaincopy CREATE TABLE users (     user_name         VARCHAR(15) NOT NULL PRIMARY KEY,     user_pass         VARCHAR(15) NOT NULL   );       CREATE TABLE user_roles (     user_name         VARCHAR(15) NOT NULL,     role_name         VARCHAR(15) NOT NULL,     PRIMARY KEY (user_name, role_name)   );   [html] view plaincopy <Realm className="org.apache.catalina.realm.JDBCRealm"     driverName="org.gjt.mm.mysql.Driver"     connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass"     userTable="users" userNameCol="user_name" userCredCol="user_pass"     userRoleTable="user_roles" roleNameCol="role_name"/>     Password to be recognized by Tomcat when the user logs in. This value may in cleartext or digested - see below for more information. create table users (   user_name         varchar(15) not null primary key,   user_pass         varchar(15) not null ); create table user_roles (   user_name         varchar(15) not null,   role_name         varchar(15) not null,   primary key (user_name, role_name) ); $CATALINA_BASE/conf/server.xml <Realm className="org.apache.catalina.realm.JDBCRealm"       driverName="org.gjt.mm.mysql.Driver"    connectionURL="jdbc:mysql://localhost/test?user=root&amp;password=root"        userTable="users" userNameCol="user_name" userCredCol="user_pass"    userRoleTable="user_roles" roleNameCol="role_name"/>                    ost Tomcat packages include a script ($TOMCAT_HOME/bin/digest.shor .bat for Windows)that can be used to create a one-way digest of a password.I use this, in conjunction with file permissions, to protect the Tomcat manager password in$TOMCAT_HOME/conf/tomcat-users.xmlfrom prying eyes. 1.To use SHA, update$TOMCAT_HOME/conf/server.xmlso that: resourceName="UserDatabase"/> reads digest="SHA" resourceName="UserDatabase"/> 2.Then create your digest by running (replacingcredentialswith the password you want to digest):$TOMCAT_HOME/bin/digest -a SHA credentials This will output the plaintext and then the digested form of the credentials separated by a colon – e.g. for ‘foo’:foo:0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33 3.Take the second part and place this into thepasswordattribute of theuserelement intomcat-users.xml– e.g.: password="0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33" roles="admin,manager"/> 4.Restart Tomcat for it to take effect. Fromhttp://leanjavaengineering.wordpress. D:\Ken\httpauth\bin>digest.bat -a  md5 654123 654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57 D:\Ken\httpauth\bin>digest.bat -a  md5 123456 123456:e10adc3949ba59abbe56e057f20f883e D:\Ken\httpauth\bin>digest.bat -a  md5 t:Realm:123456 t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612 D:\Ken\httpauth\bin> D:\Ken\httpauth\bin>digest.bat -a  md5 654123 654123:bf9f8d1f05dc08cc3b02e8fcf2c2ba57 D:\Ken\httpauth\bin>digest.bat -a  md5 123456 123456:e10adc3949ba59abbe56e057f20f883e D:\Ken\httpauth\bin>digest.bat -a  md5 t:Realm:123456 t:Realm:123456:6a6f14de4691b088f3deb84b14fa0612 D:\Ken\httpauth\bin>digest.bat -a  md5 t:WebApi:123456 t:WebApi:123456:bb80940c5ff834aef1b2652eddcef09c D:\Ken\httpauth\bin>   Http Digest認證中 1．Java/Android能夠經過httpcomponents組件完成Digest認證 2．認證相關的角色及用戶信息 可配置在數據庫中存儲,且密碼字段可加密。