JAAS配置

1.web.xml

  <!-- JAAS认证 -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>protected-resource</web-resource-name>
      <url-pattern>*.jsp</url-pattern>
      <url-pattern>*.action</url-pattern>
      <http-method>HEAD</http-method>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>NEOJAAS</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.jsp</form-error-page>
    </form-login-config>
  </login-config>
  <security-role>
    <description>JAASTest Roles</description>
    <role-name>NEOJAAS</role-name>
  </security-role>

2.login.jsp

<form method="post" action="j_security_check"&#93;
  <label>用户名</label>
  <input name="j_username" type="text" maxlength="32" class="login-text"/>
  <label>密&nbsp;&nbsp;&nbsp;码</label>
  <input name="j_password" type="password" maxlength="32" class="login-text"/>
  <input type="submit" class="stuff" value="登&nbsp;录" />
</form>