You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Greg Morphis <gm...@gmail.com> on 2007/09/26 20:24:33 UTC
BASIC auth question, simple example...
Hi, I'm a n00b so bare with me!
I've got Tomcat 5.5 installed on my machine to the default location
c:\Tomcat5.5
I'm trying to get a simple example of BASIC auth running and I'm not
having any luck.
I created the folder
C:\Tomcat5.5\webapps\security\
In there I have
C:\Tomcat5.5\webapps\security\index.html
with just a simple "Hello World"
and
C:\Tomcat5.5\webapps\security\WEB-INF\web.xml
In the web.xml file I have
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/security/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>dau</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Example BASIC Authentication Area</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>dau</role-name>
</security-role>
</web-app>
and in the conf/tomcat-users.xml I added the dau role.
This is not working. When I run the page I'm taken to the Hello World
page, why am I not prompted for the password?
It has to be something simple!?
Thanks!
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: BASIC auth question, simple example...
Posted by David Delbecq <de...@oma.be>.
Greg Morphis a écrit :
> I created the folder
> C:\Tomcat5.5\webapps\security\
>
So webapp name is "security", reachabel by http://server/security/
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Protected Area</web-resource-name>
> <!-- Define the context-relative URL(s) to be protected -->
> <url-pattern>/security/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <!-- Anyone with one of the listed roles may access this area -->
> <role-name>dau</role-name>
> </auth-constraint>
> </security-constraint>
You mapped security constraint to folder "/security/*" in your webapp.
That means http://server/security/security/*
You probably should, considering where you index.xhtml is, map the
security constraint to /* :)
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org