You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by SomchaiDion <ls...@k3.dion.ne.jp> on 2002/06/19 10:13:53 UTC
Login prompt twice
Hi, can anybody help me.
I try to config my tomcat to serve my homepage and protect some data by
using security-constrain. The data file is a MS-Word document. When anyone
access the data directory, it will ask username&password. That is ok. But,
when click at a link to document file, it ask username&password again. I
don't know, why? I am using Tomcat 4.1.3LE with JSDK 1.4.0 on Linux 2.4.18.
My WEB-INF/web.xml file as follow:
====================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
<welcome-file>
index.html
</welcome-file>
<welcome-file>
index.htm
</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>DataProtect</web-resource-name>
<description>protect</description>
<url-pattern>/DataStructure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>dsstudent</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Default</realm-name>
</login-config>
<security-role>
<role-name>dsstudent</role-name>
</security-role>
</web-app>
======================================
Somchai LIMSIRORATANA
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Login prompt twice
Posted by SomchaiDion <ls...@k3.dion.ne.jp>.
Hi all,
My problem was solved. I send this message for someone who may has the
same problem. In my case, it is because I didn't set "http-method" of the
"web-resource-collection". So, it assign to all and ask for login&password
for all access method which is "GET" and "OPTIONS"(in my case). When I set
"http-method" to only "GET", it ask me once. :)
SL.
----- Original Message -----
From: "SomchaiDion" <ls...@k3.dion.ne.jp>
To: <to...@jakarta.apache.org>
Sent: Wednesday, June 19, 2002 5:13 PM
Subject: Login prompt twice
> Hi, can anybody help me.
> I try to config my tomcat to serve my homepage and protect some data
by
> using security-constrain. The data file is a MS-Word document. When anyone
> access the data directory, it will ask username&password. That is ok. But,
> when click at a link to document file, it ask username&password again. I
> don't know, why? I am using Tomcat 4.1.3LE with JSDK 1.4.0 on Linux
2.4.18.
> My WEB-INF/web.xml file as follow:
>
> ====================================
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!DOCTYPE web-app
> PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
> "http://java.sun.com/dtd/web-app_2_3.dtd">
>
> <web-app>
> <session-config>
> <session-timeout>
> 30
> </session-timeout>
> </session-config>
> <welcome-file-list>
> <welcome-file>
> index.jsp
> </welcome-file>
> <welcome-file>
> index.html
> </welcome-file>
> <welcome-file>
> index.htm
> </welcome-file>
> </welcome-file-list>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>DataProtect</web-resource-name>
> <description>protect</description>
> <url-pattern>/DataStructure/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>dsstudent</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>Default</realm-name>
> </login-config>
> <security-role>
> <role-name>dsstudent</role-name>
> </security-role>
> </web-app>
>
> ======================================
> Somchai LIMSIRORATANA
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>