tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Birte Glimm" <B.Gl...@e-7.com>
Subject RE: How to configure basic authentication
Date Fri, 05 Jan 2001 17:29:13 GMT
Thanks, now it works as I want it.
Birte

-----Original Message-----
From: Nacho [mailto:nacho@siapi.es]
Sent: Freitag, 5. Januar 2001 17:55
To: 'tomcat-user@jakarta.apache.org'
Subject: RE: How to configure basic authentication


Hola Birte:

This is caused by the non-stardard Invoker present on your server.xml
file out of the box..

You can..

Comment or delete the invokerinterceptor line on your server.xml file
or..

Add the invoker interceptor url to your protected resources...

The invoker interceptor is de one in de line :

8<----------------------------------------------------------------------
----
        <RequestInterceptor 
            className="org.apache.tomcat.request.InvokerInterceptor" 
            debug="0" prefix="/servlet/" /> 
8<----------------------------------------------------------------------
----

As you can see in this line is where you can alter the path used in the
invoker , or delete or comment it completely, as is not needed in normal
ÇTomcat operation.

Saludos ,
Ignacio J. Ortega


> -----Mensaje original-----
> De: Birte Glimm [mailto:B.Glimm@e-7.com]
> Enviado el: viernes 5 de enero de 2001 17:36
> Para: tomcat-user@jakarta.apache.org
> Asunto: How to configure basic authentication
> 
> 
> Hi,
> I`m using tomcat 3.2.1, Win 2000 and I tried to configure a 
> servlet (Header, displays just all received Header 
> information) with basic authentication. I changed the web.xml 
> as followed:
> 
>     <servlet-mapping>
>         <servlet-name>
>             Header
>         </servlet-name>
>         <url-pattern>
>             /protected/Header
>         </url-pattern>
>     </servlet-mapping>
> 		<security-constraint>
> 			<web-resource-collection>
> 				<web-resource-name>Birtes 
> Protected Area</web-resource-name>
> 				<url-pattern>/protected/*</url-pattern>
> 				<http-method>DELETE</http-method>
> 				<http-method>GET</http-method>
> 				<http-method>POST</http-method>
> 				<http-method>PUT</http-method>
> 			</web-resource-collection>
> 			<auth-constraint>
> 				<role-name>tomcat</role-name>
> 			</auth-constraint>
> 		</security-constraint>
> 
>     <login-config>
>       <auth-method>BASIC</auth-method>
>       <realm-name>Birte</realm-name>
>     </login-config>
> 
> That works (http://localhost/myApp/protected/Header). But if 
> I enter http://localhost/myApp/servlet/Header I also get the 
> servlet but without authentication. Why and what must I do 
> that the servlet is only available with the first URL.
> 
> Thanks Birte
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, email: tomcat-user-help@jakarta.apache.org

Mime
View raw message