tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bryan Basham <>
Subject WAR security question
Date Thu, 28 Sep 2000 16:41:51 GMT
Here's my question in a nutshell:
When using HTTP-based authentication how does the developer
(or WAR deployer) configure the password of a given "security role"?

I am trying to test the HTTP authentication mechanisms.  I have a sample
Web application that has a simple servlet and I have created a security
role in the web.xml file:


I then added a security constraint:


When I deploy this WAR and access this servlet, my browser prompts me
for a login/password.  I give the USER login, but I don't know what
password it will accept.  Shouldn't there be a field in the WAR Dep. Desc.
that specifies the password?

Thanks for your help,

| Bryan Basham                          | "You are not an isolated entity, but
| Java Courseware Developer             |  a unique, irreplaceable part of the
| Sun Educational Services              |  cosmos.  Don't forget this.  You are
|   Phone: 1-303-272-8766  (x78766)     |  an essential piece of the puzzle of
|  E-mail: Bryan.Basham@Sun.COM         |  humanity."
| Address: 500 Eldorado Blvd            |
|          MailStop: UBRM05-135         |  -- The Art of Living, Epictetus
|          Broomfield, CO 80021         |     (trans. Sharon Lebell)

View raw message