They are created in the same way as JAR files - but with a different extensions. All the tools that work with JAR's work with WAR's -----Original Message----- From: Amrhein, Thomas [mailto:tamrhein@debis.com] Sent: 24 March 2000 14:38 To: tomcat-user@jakarta.apache.org Subject: AW: User Authorization .war files are Web ARchives I think, some kind of zipped files. I never handled with it. Need to try. -----Ursprüngliche Nachricht----- Von: John Coonrod [mailto:jc@thp.org] Gesendet am: Freitag, 24. März 2000 14:34 An: tomcat-user@jakarta.apache.org Betreff: RE: User Authorization Thomas - I don't really know it. I found a reference to "web application" in the servlet api http://java.sun.com/products/servlet/2.2/javadoc/index.html and it said the information "may be in the .war file" I did find some .war files, but they are not text files, so I'm mystified who to interact with them. ===== Original Message from tomcat-user@jakarta.apache.org at 3/24/00 3:00 am >I want to test user authentication, but I don't know yet what the >Servlet API Specification exactly says. > >I can define users in conf/tomcat-users.xml. >How and where are roles defined? >How are roles assigned to JSPs, servlets or servlet contexts? > >Does anybody know? >Where can I find the Servlet API Specification? > >thanks > >Thomas > > >-----Ursprüngliche Nachricht----- >Von: Craig R. McClanahan [mailto:Craig.McClanahan@eng.sun.com] >Gesendet am: Freitag, 24. März 2000 03:54 >An: tomcat-user@jakarta.apache.org >Betreff: Re: User Authorization > >John Coonrod wrote: > >> This is another question that a lot of people have asked in the past week >> and I don't feel has been answered... >> >> Does the tomcat webserver support user login and - if so - how exactly do >I >> get it to work? I'm willing to live with the simplest possible login, but >I >> want the server to require it, not each servlet or jsp. >> > >Tomcat 3.0 does not support user authentication. > >Tomcat 3.1beta1 (well, at least the most recent nightly builds, but I'm >pretty >sure it was there in the beta) has *experimental* support for user >authentication. What you do is set up users in the "conf/tomcat-users.xml" >file, and then define your security constraints in the web application >deployment descriptor, as described in the Servlet API Specification. This >has >not been extensively tested, and there's no further docs at this point. >Experimentation and bug reports are welcome! > >Craig > > > >-------------------------------------------------------------------------- >To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org >For additional commmands, email: tomcat-user-help@jakarta.apache.org > >-------------------------------------------------------------------------- >To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org >For additional commmands, email: tomcat-user-help@jakarta.apache.org ---------------- Dr. John Coonrod, Vice President, jc@thp.org The Hunger Project, 15 East 26th Street, NY, NY 10010 www.thp.org -------------------------------------------------------------------------- To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org For additional commmands, email: tomcat-user-help@jakarta.apache.org -------------------------------------------------------------------------- To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org For additional commmands, email: tomcat-user-help@jakarta.apache.org