You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Mark Larson <nu...@hotmail.com> on 2002/06/11 22:13:46 UTC

auth-constraint question

Hello,
I am running tomcat 4 stand-alone on Win NT4, using authentication with 
mysql (working just fine) on my entire site/webapp. I have a Webdav role and 
a Root role defined and need to use both of them in the same webapp.
My entire site is password protected. When I connect with my webdav client, 
it allows my Webdav role users to login as planned, but normal Root users 
can log in as well. How can I distinguish between these constraints? Below 
is a snippet of my web-inf/web.xml...
Thanks in advance,
Mark


<!-- Define a Security Constraint on this Application -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>mysite</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>

    <auth-constraint>
       <role-name>Root</role-name>
       <role-name>Webdav</role-name>
    </auth-constraint>
  </security-constraint>


  <!-- Define the Login Configuration for this Application -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>mysite</realm-name>
  </login-config>

_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>