You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Stephen Boston <st...@avue.bc.ca> on 2000/08/30 22:15:33 UTC
Re: need help with security setup (Correction)
Sorry : I miswrote :
the context is "bar" not "bottle"
I have corrected the code below.
Very sorry.
On 30 Aug 2000, at 12:50, Stephen Boston wrote:
>
> I am basing my security setup on the tomcat 3.1 examples/web-
> inf/web.xml example.
>
> I have a context "bar"
>
> tomcat/webapps/bar/bottle/
> tomcat/webapps/bar/WEB-INF/web.xml
>
> The myapp context is created by Tomcat and its servlets are reachable
> through that context.
>
> in the above web.xml file I have these lines :
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Bottle Protected</web-resource-name>
> <url-pattern>/bottle/*</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
>
> <auth-constraint>
> <role-name>stephen</role-name>
> </auth-constraint>
>
> </security-constraint>
>
> <!-- Default login configuration uses BASIC authentication -->
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>Bottle Protected </realm-name>
> </login-config>
>
> It seems to me that this is identical to tomcat's
> examples/jsp/protected -- which works. I can not enter the
> jsp/protected area without supplying a valid user and pass.
>
> However I get a 404 on http://localhost:8080/bottle/j_security_check
>
> By the way -- do I have to store my users in tomcat-users.xml?
>
Re: need help with security setup ( Doh! Never mind.... )
Posted by Stephen Boston <st...@avue.bc.ca>.
...ahh (cough ) just found jsp/protected/index.jsp...
sorry.