1、创建证书钥匙库:
keytool -genkey -alias tomcat -keyalg RSA
缺省证书文件名为:.keystore
2、修改文件server.xml
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false"
keystoreFile="C:\keystore\.keystore"
keystorePass="netscape"
sslProtocol="TLS" />
3、web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Purchase</web-resource-name>
<url-pattern>/ssl/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>registered-user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!-- Only users in the administrator role can access
the delete-account.jsp page within the admin
directory. -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Account Deletion</web-resource-name>
<url-pattern>/admin/delete-account.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
<!-- Tell the server to use form-based authentication. -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/admin/login.jsp</form-login-page>
<form-error-page>/admin/login-error.jsp</form-error-page>
</form-login-config>
</login-config>
4、重启tomcat
posted on 2005-11-02 15:21
my java 阅读(390)
评论(0) 编辑 收藏 所属分类:
jsp