You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by David Jian <dj...@UU.NET> on 2000/04/21 18:52:50 UTC
Basic authentication for Tomcat 3.1 418 release
At 12:58 PM 04/19/2000 -0400, you wrote:
>Hi,
>
>I upgrade from tomcat 3.1 rc1 (4/10) to 4/18 release. My files structure is
>
>tomcat
> |-- webapps
> |--examples
> |
> |--uuio
>
>I add my staff (uuio) to rc1(4/10) with new \conf\server.xml and
>\Web-Inf\web.xml, it works well. But whe I add the same path and same
>server.xml and web.xml to the 4/18's release, It automatically add extra
>/servlets/ to my staff. It looks like this:
>
>rc1 release URL: http://myhost/uuio/servlets/myhtml.html
>
>4/18 release URL: http://myhost/uuio/servlets/serlvets/myhtml.html
>
>However the URL for \examples is no problem as
>http://myhost/examples/servlets/somehtml.html
>
>Could someone tell me what should I do to fix this? It's probably somewhere
>in a config file.
>
>Please help!
>
>Thanks
>
>DJ
>
>
The problem comes from /webapps/myapps/web-inf/web.xml file. I
need to use basic authentication to protect the my apps:
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Tomcat</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>collection1</web-resource-name>
<url-pattern>/servlets/*</url-pattern>
<url-pattern>/jsp/*</url-pattern>
<url-pattern>/images/*</url-pattern>
<url-pattern>/servlet/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>
This part worked for tomcat3.1 rc1 (4/10) , but when I put it into
tomcat3.1 4/18 release, it will automatically add an extra "/servlets/ to
URL. If I remove <url-pattern>/servlets/*</url-pattern>, it will fix that
problem, but the authentication does not work.
Anyone has a idea how to do the authetication with this.
Thanks
DJ