axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Gregg" <>
Subject RE: Base security problem
Date Tue, 02 Jul 2002 13:48:59 GMT
It sounds like your web.xml file is not configured properly to require a
user to login before accessing your service.  You need a security-constraint
block in web.xml like this:

      <web-resource-name>MyService's Protected Area</web-resource-name>

Look at the servlet spec for more detailed information.  When your servlet
container sees someone trying to access this url, it will require login with
whatever method you specified.


-----Original Message-----
Behalf Of Piotr Szymanski
Sent: Tuesday, July 02, 2002 8:27 AM
Subject: RE: Base security problem

>after installing Tomcat, the MemoryRealm is set to default.
Yes. You are right (I have set to default), but why server don't extract
password from my client program?

I have simple class with method returned string "OK" - if called properly. I
save this class in main
folder of axis (%tomcat\webapps\axis\MyService.jws) with jws extension file.
When I invoking this class without set user and password properties in call
object I expecting that server will checking password during access to
instace this class. Unfortunately I getting response from my class. It is
meaning that I got
properly access to my class without any password and user!

What is wrong with my configuration. I think solution is simple.
How I can bolck access to my service?

View raw message