You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2006/06/03 01:10:02 UTC
Re: Realm Tag in webappnamecontext.xml
Marc Farrow wrote:
> <auth-contraint/>
And there is the problem. An empty <auth-constraint> allows
unauthenticated access as per SRV.12.8.1
An empty <auth-constraint> is not the same as an <auth-constraint>
that specifies no roles and therefore denies access to all as per
SRV.12.8.1.
Mark
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Realm Tag in webappnamecontext.xml
Posted by Marc Farrow <ma...@gmail.com>.
Thanks Mark. I did figure out my configuration problem!
On 6/2/06, Mark Thomas <ma...@apache.org> wrote:
>
> Marc Farrow wrote:
> > <auth-contraint/>
>
> And there is the problem. An empty <auth-constraint> allows
> unauthenticated access as per SRV.12.8.1
>
> An empty <auth-constraint> is not the same as an <auth-constraint>
> that specifies no roles and therefore denies access to all as per
> SRV.12.8.1.
>
>
> Mark
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Marc Farrow