tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrea Barbieri <abarbi...@intelcom.sm>
Subject Security problem
Date Fri, 19 Jan 2001 10:04:36 GMT
HI to all,
i have found some problem in configuring security on site (Sparc Solaris 
5.7) with Tomcat 3.2 (in virtual host).
Everything goes Ok, but when I tried to configure Basic Realm on a 
particular Servlet class or sub dir of WEB-INF i didn't found any solution.
Is it possible to keep in security only particular Servlet class and not 
the complete directory?

---------------------------------------------
<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
     "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">

<web-app>

     <!-- Default login configuration uses BASIC authentication -->
     <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>Real name</realm-name>
     </login-config>

     <security-constraint>
       <web-resource-collection>
          <web-resource-name>Protected Area</web-resource-name>
          <url-pattern>/protected/*</url-pattern>
          <url-pattern>/servlet/login/*</url-pattern>
          <url-pattern>/servlet/protected/*</url-pattern>
       </web-resource-collection>
       <auth-constraint>
          <!-- This role name is configured in server.xml -->
          <role-name>random</role-name>
       </auth-constraint>
     </security-constraint>
</web-app>
-----------------------------------------------------

Thank's for suggestions


Mime
View raw message