You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Greg Morphis <gm...@gmail.com> on 2007/09/26 20:24:33 UTC

BASIC auth question, simple example...

Hi, I'm a n00b so bare with me!

I've got Tomcat 5.5 installed on my machine to the default location
c:\Tomcat5.5

I'm trying to get a simple example of BASIC auth running and I'm not
having any luck.

I created the folder
C:\Tomcat5.5\webapps\security\
In there I have
C:\Tomcat5.5\webapps\security\index.html
with just a simple "Hello World"
and
C:\Tomcat5.5\webapps\security\WEB-INF\web.xml

In the web.xml file I have
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
    http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
    version="2.4">

   <security-constraint>
      <web-resource-collection>
         <web-resource-name>Protected Area</web-resource-name>
	 <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/security/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <!-- Anyone with one of the listed roles may access this area -->
	 <role-name>dau</role-name>
      </auth-constraint>
    </security-constraint>

    <!-- Default login configuration uses form-based authentication -->
	<login-config>
	  <auth-method>BASIC</auth-method>
	  <realm-name>Example BASIC Authentication Area</realm-name>
	</login-config>

    <!-- Security roles referenced by this web application -->
    <security-role>
      <role-name>dau</role-name>
    </security-role>
</web-app>

and in the conf/tomcat-users.xml I added the dau role.
This is not working. When I run the page I'm taken to the Hello World
page, why am I not prompted for the password?

It has to be something simple!?

Thanks!

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: BASIC auth question, simple example...

Posted by David Delbecq <de...@oma.be>.

Greg Morphis a écrit :
> I created the folder
> C:\Tomcat5.5\webapps\security\
>   
So webapp name is "security", reachabel by http://server/security/
>    <security-constraint>
>       <web-resource-collection>
>          <web-resource-name>Protected Area</web-resource-name>
> 	 <!-- Define the context-relative URL(s) to be protected -->
>          <url-pattern>/security/*</url-pattern>
>       </web-resource-collection>
>       <auth-constraint>
>          <!-- Anyone with one of the listed roles may access this area -->
> 	 <role-name>dau</role-name>
>       </auth-constraint>
>     </security-constraint>
You mapped security constraint to folder "/security/*" in your webapp. 
That means http://server/security/security/*
You probably should, considering where you index.xhtml is, map the 
security constraint to /* :)


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org