You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Martin Schmollinger <ms...@soluz.com> on 2000/10/10 14:38:35 UTC

PWS AND Security-Constraint

Hi,
i've got a running web-application on a NT-Workstation 
using PWS and TomCat. Now I want to add a security-constraint-tag
to protect the context of the web-application. I edited the web.xml
file of the web-application:
:
<security-constraint>
      <web-resource-collection>
         <web-resource-name>XBOARDER</web-resource-name>
         <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/*</url-pattern>
         <!-- If you list http methods, only those methods are protected -->
         <http-method>DELETE</http-method>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
         <http-method>PUT</http-method>
      </web-resource-collection>      
    </security-constraint>

    <!-- Default login configuration uses BASIC authentication -->
    <login-config>
      <auth-method>BASIC</auth-method>
    </login-config>
:    
:

I thought that the Browser will ask me now for a login and password,
but nothing happend. Everything worked as before.
Isn't it possible to use the security-constraint together with PWS?
PWS itself can't protect anything!

Martin