security-role-ref not working with Tomcat 4.0.1 & .2

[Mark Teegarden <MX...@akc.org>]

I'm trying to use a security-role-ref entry in my web deployment descriptor of Tomcat 4. Has  this been broken in 4.0.1 and 4.0.2?

Try adding an entry of the following to the end of web.xml in examples before the </webapp> tag:
   <security-role-ref>
      <role-name>ADMIN</role-name>
      <role-link>Administrator</role-link>
   </security-role-ref>

I get the following from catalina on startup:
Starting service Tomcat-Standalone
Apache Tomcat/4.0.2
PARSE error at line 283 column 11
org.xml.sax.SAXParseException: The content of element type "web-app" must match
"(icon?,display-name?,description?,distributable?,context-param*,filter*,filter-
mapping*,listener*,servlet*,servlet-mapping*,session-config?,mime-mapping*,welco
me-file-list?,error-page*,taglib*,resource-env-ref*,resource-ref*,security-const
raint*,login-config?,security-role*,env-entry*,ejb-ref*,ejb-local-ref*)".
Starting service Tomcat-Apache
Apache Tomcat/4.0.2




--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>

Re: security-role-ref not working with Tomcat 4.0.1 & .2

["Christopher K. St. John" <ck...@distributopia.com>]

Mark Teegarden wrote:
> 
> Try adding an entry of the following to the end of web.xml
> in examples before the </webapp> tag:
>

 The <security-role-ref> element is declared as part of
a <servlet>, not a <webapp>:

<!ELEMENT servlet (icon?, servlet-name, display-name?,
  description?, (servlet-class|jsp-file), init-param*,
  load-on-startup?, run-as?, security-role-ref*)>

 There's an example in the servlet spec in SRV.13.4.2
"An Example of Security".

-- 
Christopher St. John cks@distributopia.com
DistribuTopia http://www.distributopia.com

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>