tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: BASIC Authentication
Date Fri, 06 Oct 2000 19:40:20 GMT
Micky Mimo wrote:

> What is not working is that no authentication page is coming up prompting me
> for a login and password. The context-relative path is
> http://localhost:8080/secure/index.html . This path does not pop up an
> authentication dialog. The logical path is /usr/local/tomcat/webapps/secure

And here is where your problem is.  The security constraint you originally
posted will work if you put it in the root context's web.xml, and there is no
"/secure" webapp.

> I put the web.xml in /usr/local/tomcat/webapps/secure/WEB-INF/web.xml

In other words, your *context path* is "/secure", right?  If you want to protect
everything in this web app, use a context-relative URL pattern like this:


Remember, the "context relative" part that you put into the url pattern starts
*after* the context path.

> I want the index.html in /usr/local/tomcat/webapps/secure to prompt the user
> for a login dialog box.
> Eventually I will want this to function outside of the tomcat directory.
> Such as /home/me/secure

You would do this by configuring a <Context> entry in the server.xml file,
something like this:

    <Context path="/secure"

and the URL pattern would still remain "/*" to protect all of this webapp.

> /===============================\
> | Micky Mimo                    |

Craig McClanahan

See you at ApacheCon Europe <>!
Session VS01 (23-Oct 13h00-17h00):  Sun Technical Briefing
Session T06  (24-Oct 14h00-15h00):  Migrating Apache JServ
                                    Applications to Tomcat

View raw message