I'm understand that
<security-role><role-name>Admin</role-name></security-role>
is for container map it with tomcat-users.xml (realm)
but I confuse about if I didn't use realm but I use database how container know which field in my database is for role-name or it have naming convention in database field name like "role_name" and container will know it
Thank you for every advices
Just use a database realm and configure the table and column names in a <Realm> element in server configuration file. For Tomcat, this is described in the Realm HOWTO. Here's an extract of relevance, from the JDBCRealm chapter:
Quick Start
To set up Tomcat to use JDBCRealm, you will need to follow these steps:
- If you have not yet done so, create tables and columns in your database that conform to the requirements described above.
- Configure a database username and password for use by Tomcat, that has at least read only access to the tables described above. (Tomcat will never attempt to write to these tables.)
- Place a copy of the JDBC driver you will be using inside the
$CATALINA_HOME/libdirectory. Note that only JAR files are recognized!- Set up a
<Realm>element, as described below, in your$CATALINA_BASE/conf/server.xmlfile.- Restart Tomcat 6 if it is already running.
Realm Element Attributes
To configure JDBCRealm, you will create a
<Realm>element and nest it in your$CATALINA_BASE/conf/server.xmlfile, as described above. The attributes for the JDBCRealm are defined in the Realm configuration documentation.Example
An example SQL script to create the needed tables might look something like this (adapt the syntax as required for your particular database):
create table users ( user_name varchar(15) not null primary key, user_pass varchar(15) not null ); create table user_roles ( user_name varchar(15) not null, role_name varchar(15) not null, primary key(user_name, role_name) );Example
Realmelements are included (commented out) in the default$CATALINA_BASE/conf/server.xmlfile. Here's an example for using a MySQL database called "authority", configured with the tables described above, and accessed with username "dbuser" and password "dbpass":<Realm className="org.apache.catalina.realm.JDBCRealm" driverName="org.gjt.mm.mysql.Driver" connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass" userTable="users" userNameCol="user_name" userCredCol="user_pass" userRoleTable="user_roles" roleNameCol="role_name"/>
Pretty clear, isn't it? If you already have a JDBC datasource configured in Tomcat (for connection pooling and on), then you can also use DataSourceRealm instead.
The tomcat-users.xml which you're talking about is by the way called UserDatabaseRealm.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 相关推荐>> 的文章《Confusing about <security> in web.xml》','https://www.manongdao.com/article-600797.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}