準備環境:
1.j2sdk-1_4_2-windows-i586.exe
//jdk
2.mysql-4.0.20d-win.zip
//mysql數據庫
3.mysqlcc-0.9.4-win32.zip
//mysqlGUI控制
4.jakarta-tomcat-5.0.27.exe
//tomcat服務器
5.mysql-connector-java-3.0.14-production.zip
//內含mysql驅動
安裝步驟:
1.安裝jdk
2.安裝tomcat
3.安裝mysql
4.安裝mysqlcc
5.將驅動包解壓,拷貝mysql-connector-java-3.0.14-production-bin.jar
到tomcat/common/lib下
或者下載mm.mysql-2.0.14-you-must-unjar-me.jar,
解壓后拷貝其中的mm.mysql-2.0.14-bin.jar
Tomcat5.0配置 本例使用安裝密碼 198277
1.配置manager 管理應用程序
在conf/server.xml 中
添加如下:
<Service name="Catalina">
...
<Context path="/manager"
debug="0" privileged="true"
docBase="/usr/local/kinetic
/tomcat5/server/webapps/manager">
</Context>
</Service> |
限制IP訪問配置
<Context path="/manager"
debug="0" privileged="true"
docBase="/usr/local/kinetic
/tomcat5/server/webapps/manager">
<Valve className="org.apache.
catalina.valves.RemoteAddrValve"
allow="127.0.0.1"/>
</Context> |
測試為:http://localhost:8080/manager/html
2、配置JDBCRealm容器管理安全,以mysql-4.0數據庫為例
a.拷貝驅動mm.mysql-2.0.14-bin.jar到common/lib/下
b.在數據庫ycg中建表
create table users
(
user_name
varchar(15) not null primary key,
user_pass
varchar(15) not null
);
create table user_roles
(
user_name
varchar(15) not null,
role_name
varchar(15) not null,
primary key (user_name, role_name)
); |
c.修改server.xml如下(默認數據庫為root,無密碼,如果有形如:
connectionURL="jdbc:mysql:
//localhost/authority?
user=dbuser&password=dbpass")
<Realm className="org.apache.catalina.
realm.JDBCRealm" debug="99"
driverName="
org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql:
//localhost/ycg?user=root"
connectionName=""
connectionPassword=""
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles"
roleNameCol="role_name" /> |
d.在數據庫中添加入tomcat的默認配置數據:
e.啟動mysql,啟動tomcat,此后tomcat將從數據庫中讀用戶規則認證.默認的conf/tomcat-users.xml失效
3.DBCP的配置
a.設置
<parameter>
<name>removeAbandoned</name>
<value>true</value>
</parameter> |
可使失效的數據連接重新啟用.
配套設置
<parameter>
<name>removeAbandonedTimeout</name>
<value>60</value>
</parameter> |
失效時間
如果要寫入日志
設置
<parameter>
<name>logAbandoned</name>
<value>true</value>
</parameter> |
以上三個默認都是false
b.以mysql為例,配置數據連接池
c.配置新的用戶與數據庫,必須設定密碼,空密碼將導致連接失敗
e.
指定root密碼:
mysqladmin -u root -h localhost
password "198277" |
(需修改上面的jdbcrealm設置connectionURL="jdbc:mysql://localhost/ycg?user=root&password=198277")
命令mysql進入匿名連接到服務器
密碼訪問
shell> mysql -h host -u user -p
Enter password: ********
//如果root沒有密碼,以下是不成功的.(試過了)
mysql> GRANT ALL PRIVILEGES ON *.*
TO javauser@localhost
-> IDENTIFIED BY 'javadude'
WITH GRANT OPTION;
mysql> create database javatest;
mysql> use javatest;
mysql> create table testdata
(
-> id int not null
auto_increment primary key,
-> foo varchar(25),
-> bar int);
在conf/server.xml中<host></host>
中添加
<Context path="/DBTest" docBase="DBTest"
debug="5" reloadable="true"
crossContext="true">
<Logger className="org.apache.
catalina.logger.FileLogger"
prefix="localhost_DBTest_log."
suffix=".txt"
timestamp="true"/>
<Resource name="jdbc/TestDB"
auth="Container"
type="javax.sql.DataSource"/>
<ResourceParams name="jdbc/TestDB">
<parameter>
<name>factory</name>
<value>org.apache.commons.dbcp.
BasicDataSourceFactory</value>
</parameter>
<!-- Maximum number of dB connections
in pool. Make sure you
configure your mysqld
max_connections large enough to handle
all of your db connections.
Set to 0 for no limit.
-->
<parameter>
<name>maxActive</name>
<value>100</value>
</parameter>
<!-- Maximum number of idle dB
connections to retain in pool.
Set to 0 for no limit.
-->
<parameter>
<name>maxIdle</name>
<value>30</value>
</parameter>
<!-- Maximum time to wait for a
dB connection to become available
in ms, in this example 10
seconds. An Exception is thrown if
this timeout is exceeded.
Set to -1 to wait indefinitely.
-->
<parameter>
<name>maxWait</name>
<value>10000</value>
</parameter>
<!-- MySQL dB username and
password for dB connections -->
<parameter>
<name>username</name>
<value>javauser</value>
</parameter>
<parameter>
<name>password</name>
<value>javadude</value>
</parameter>
<!-- Class name for the old mm.
mysql JDBC driver - uncomment
this entry and comment next
if you want to use this driver
- we recommend using Connector/J though
<parameter>
<name>driverClassName</name>
<value>org.gjt.mm.mysql.Driver</value>
</parameter>
-->
<!-- Class name for the official
MySQL Connector/J driver -->
<parameter>
<name>driverClassName</name>
<value>com.mysql.jdbc.Driver</value>
</parameter>
<!-- The JDBC connection url for
connecting to your MySQL dB.
The autoReconnect=true argument
to the url makes sure that the
mm.mysql JDBC Driver will
automatically reconnect if mysqld closed the
connection. mysqld by default
closes idle connections after 8 hours.
-->
<parameter>
<name>url</name>
<value>jdbc:mysql://localhost:3306
/javatest?autoReconnect=true</value>
</parameter>
<parameter>
<name>removeAbandoned</name>
<value>true</value>
</parameter>
<parameter>
<name>removeAbandonedTimeout</name>
<value>60</value>
</parameter>
<parameter>
<name>logAbandoned</name>
<value>true</value>
</parameter>
</ResourceParams>
</Context> |
f.在web服務中調用.配置web.xml 如:
<web-app xmlns=
"http://java.sun.com/xml/ns/j2ee"
xmlns:xsi=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<description>MySQL Test App</description>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/TestDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app> |
g.測試用test.jsp
<%@ taglib uri=
"http://java.sun.com/jsp/jstl/sql"
prefix="sql" %>
<%@ taglib uri=
"http://java.sun.com/jsp/jstl/core"
prefix="c" %>
<sql:query var="rs"
dataSource="jdbc/TestDB">
select id, foo, bar from testdata
</sql:query>
<html>
<head>
<title>DB Test</title>
</head>
<body>
<h2>Results</h2>
<c:forEach var="row" items="${rs.rows}">
Foo ${row.foo}<br/>
Bar ${row.bar}<br/>
</c:forEach>
</body>
</html> |
h.新建web應用
下載jakarta-taglibs-standard-1.1.0
copy jstl.jar and standard.jar to your web app's WEB-INF/lib
DBTest/
WEB-INF/
web.xml
lib/
jstl.jar
standard.jar
test.jsp |
拷貝到webapps/ 下
i.啟動mysql,tomcat
訪問:
http://localhost:8080/DBTest/test.jsp
顯示:
Results
Foo hello
Bar 12345 |
4.ssl的配置,以jdk1.4.2為例
a.進入%JAVA_HOME%\bin
運行命令:keytool -genkey -alias tomcat -keyalg RSA
以tomcat 安裝密碼為198277,ketool設置密碼為198277為例
輸入keystore密碼: 198277
您的名字與姓氏是什么?
[Unknown]: ycg
您的組織單位名稱是什么?
[Unknown]: nju
您的組織名稱是什么?
[Unknown]: nju
您所在的城市或區域名稱是什么?
[Unknown]: nanjing
您所在的州或省份名稱是什么?
[Unknown]: jiangsu
該單位的兩字母國家代碼是什么
[Unknown]: nd
CN=ycg, OU=nju, O=nju, L=nanjing, ST=jiangsu, C=nd 正確嗎?
[否]: y
輸入的主密碼
(如果和 keystore 密碼相同,按回車): 198277
b.在你的D:\Documents and Settings\的當前用戶目錄下可以找到.keystore文件.將其拷貝到conf/文件夾下.
c.在server.xml 中找到
<!--
<Connector port="8443"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100" debug="0"
scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
--> |
去掉注釋
添加配置字段:keystoreFile="/conf/.keystore" keystorePass="198277"
如:
<Connector port="8443"
maxThreads="150" minSpareThreads=
"25" maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100" debug="0"
scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="/conf/.keystore"
keystorePass="198277"/> |
d.測試為:
https://localhost:8443
e.在自己的程序中添加ssl認證方式為:
在web.xml 中添加
<security-constraint>
<web-resource-collection>
<web-resource-name>Success
</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL
</transport-guarantee>
</user-data-constraint>
</security-constraint> |
f.用上提為例就是
修改web.xml 為
<web-app xmlns=
"http://java.sun.com/xml/ns/j2ee"
xmlns:xsi=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<description>MySQL Test App</description>
<security-constraint>
<web-resource-collection>
<web-resource-name>Success
</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL
</transport-guarantee>
</user-data-constraint>
</security-constraint>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/TestDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app> |
訪問:
https://localhost:8443/DBTest/test.jsp
g.如果與2配置的jdbcRealm結合起來進行表單認證
先在user_roles表中添加user_name:ycg role_name:web-user
在users表中添加user_name:ycg user_pass:198277
然后在web.xml中添加
<auth-constraint>
<role-name>web-user</role-name>
</auth-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Member Area</realm-name>
</login-config> |
修改后的web.xml如:
<web-app xmlns=
"http://java.sun.com/xml/ns/j2ee"
xmlns:xsi=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=
"http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<description>MySQL Test App</description>
<security-constraint>
<web-resource-collection>
<web-resource-name>Success
</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>web-user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL
</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Member Area</realm-name>
</login-config>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/TestDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
</web-app> |
測試:
http://localhost:8080/DBTest/test.jsp
將通過ssl連接,并進行表單認證.用戶密碼可在user_roles,和users中添加.
5.中文亂碼問題:
mysql 默認編碼 iso
tomcat request 傳輸編碼 iso
如果要顯示中文
在*.jsp中添加
<head>
<%@ page
language="java"
contentType="text/html;
charset=GB18030"
pageEncoding="GB18030"
%>
</head> |
如果是數據傳輸中的亂碼(如用servlet從mysql數據庫讀出的數據)用以下兩個轉碼函數轉碼,如果不清楚由哪種編碼轉成哪種編碼,就多嘗試。
//轉碼GBK轉ISO
public String toISO(String input)
{
try
{
byte[] bytes = input.getBytes("GBK");
return new String(bytes,"ISO8859-1");
}catch(Exception ex)
{
}
return input;
}
//轉碼IS0轉GBK
public String toGBK(String input)
{
try {
byte[] bytes =
input.getBytes("ISO8859-1");
return new String(bytes,"GBK");
}catch(Exception ex) {
}
return input;
} |
(http://www.fanqiang.com)
|