tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joakim Verona <joa...@verona.se>
Subject Re: container managed authentication - how?
Date Tue, 05 Dec 2000 10:08:19 GMT
hello,

try reading the server.xml file. you must activate an interceptor.
you can choose from several. 

Christian Sell wrote:
> 
> hello,
> 
> I just installed Tomcat 3.2 and deployed my web application, which is
> running sucessfully nuder Orion and JRun, using form-based authentication.
> However, Tomcat completely ignores the security-constraint settings. How can
> I get Tomcat to enforce this? Does Tomcat support container-managed
> security?
> 
> thanks in advance..
> Christian
> 
> BTW, Heres my web.xml, in case somebody wants to take a look:
> 
> <?xml version="1.0" encoding="ISO-8859-1"?>
> 
> <!DOCTYPE web-app
>   PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
>   "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">
> 
> <web-app>
>  <servlet>
>   <servlet-name>wcfsystem</servlet-name>
>   <display-name>wcfsystem</display-name>
>   <servlet-class>com.itsit.wcf.adaptor.WCFSystem</servlet-class>
>   <init-param>
>    <param-name>wcf.properties</param-name>
>    <param-value>/wcf.properties</param-value>
>   </init-param>
>   <load-on-startup>1</load-on-startup>
>  </servlet>
>    <session-config>
>       <session-timeout>10</session-timeout>
>    </session-config>
>    <welcome-file-list>
>       <welcome-file>index.html</welcome-file>
>       <welcome-file>index.jsp</welcome-file>
>    </welcome-file-list>
>  <security-constraint>
>   <web-resource-collection>
>    <web-resource-name>WCF Administration</web-resource-name>
>    <description>WebComponents Administration</description>
>    <url-pattern>*/WCFAdmin.jsp</url-pattern>
>    <url-pattern>*/wcfsystem</url-pattern>
>   </web-resource-collection>
>   <auth-constraint>
>    <description>Administrators only</description>
>    <role-name>admins</role-name>
>   </auth-constraint>
>  </security-constraint>
>  <login-config>
>   <auth-method>FORM</auth-method>
>       <form-login-config>
>          <form-login-page>/content/login.html</form-login-page>
>          <form-error-page>/content/loginerr.html</form-error-page>
>       </form-login-config>
>  </login-config>
>  <security-role>
>   <description>WCF Users</description>
>   <role-name>users</role-name>
>  </security-role>
>  <security-role>
>   <description>WCF Administrators</description>
>   <role-name>admins</role-name>
>  </security-role>
> </web-app>

-- 
Joakim Verona
joakim@verona.se
http://www.verona.se/

Mime
View raw message