tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Neil Aggarwal <n...@JAMMConsulting.com>
Subject Confused about authentication
Date Tue, 26 Dec 2000 19:32:18 GMT
Hello:

I am confused about how I can get users to authenticate
themselves before accessing a servlet in my web application.

I tried to look at th archive of this list, but the search
function is broken.

Therefore, I have been reading the servlet 2.3 specification and 
added the following lines to my application's web.xml file:
    <security-role>
        <role-name>admin</role-name>
    </security-role>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>AdminServlet</web-resource-name>
            <url-pattern>/videosearch/servlet/AdminServlet</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>admin</role-name>
        </auth-constraint>
    </security-constraint>

But, when I visit /videosearch/servlet/AdminServlet, I get
the result from the servlet without it asking for a login.

Also, I dont understand how I can set-up the password.

Any guidance would really help.


Thanks,
	Neil.

--
Neil Aggarwal
JAMM Consulting, Inc. -- (972) 612-6056, http://www.JAMMConsulting.com
Custom Internet Development -- Java, JSP, servlets, databases

Mime
View raw message