tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ed Thompson" <ethomps...@carolina.rr.com>
Subject Re: security_constraint question
Date Sat, 22 Jun 2002 20:47:15 GMT
Thanx, that did it!

----- Original Message -----
From: "Mark A. Richman" <mark@markrichman.com>
To: "'Tomcat Users List'" <tomcat-user@jakarta.apache.org>
Sent: Saturday, June 22, 2002 4:23 PM
Subject: RE: security_constraint question


> Try replacing:
>
> <url-pattern>/comics</url-pattern>
> <url-pattern>/comics/*</url-pattern>
>
> with:
>
> <url-pattern>/*</url-pattern>
>
> This applies the security constraint to your web app (not the root of
> the server). The former would only be effective on
> http://thompson3:8080/comics/comics/.
>
> - Mark
>
>
> -----Original Message-----
> From: Ed Thompson [mailto:ethompson7@carolina.rr.com]
> Sent: Saturday, June 22, 2002 3:42 PM
> To: Tomcat Users List
> Subject: security_constraint question
>
> OK, rookie question....
>
> I have a file in $TOMCAT_HOME/webapps/comics  (index.html)
>
> $TOMCAT_HOME/webapps/comics/WEB-INF/web.xml has:
>
>     <security-constraint>
>       <web-resource-collection>
>          <web-resource-name>Protected Area</web-resource-name>
>      <!-- Define the context-relative URL(s) to be protected -->
>          <url-pattern>/comics</url-pattern>
>          <url-pattern>/comics/*</url-pattern>
>      <!-- If you list http methods, only those methods are protected -->
>      <http-method>DELETE</http-method>
>          <http-method>GET</http-method>
>          <http-method>POST</http-method>
>      <http-method>PUT</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>          <!-- Anyone with one of the listed roles may access this area
> -->
>          <role-name>comics</role-name>
>       </auth-constraint>
>     </security-constraint>
>
> I have is set up for BASIC as my auth-method.  Pretty much cut and paste
> form the examples directory.
>
> However, on my browser when I go to //thompson3:8080/comics, it takes me
> right to index.html.
> Why does it not require me to login first?  What have a missed in the
> Tomcat
> configuration?
>
> Help greatly appreciate - been struggling with this for a couple of
> days...
>
> (PS - the examples works great - going to
> //thompson3:8080/examples/jsp/security/protected forces a login)
>
>
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-user-help@jakarta.apache.org>
>
>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>
>



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message