tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Urtzi Larrazabal <ur...@esi.es>
Subject RE: Restricting Access to Web Resources
Date Thu, 06 Jun 2002 13:11:40 GMT
ohh!! you are right !

But now, when I try to access to my aplication I am prompted for a user and a password,and
if I introduce tomcat user and tomcat password I can't access. Where must be defined the users
with access permisions, I mean where must I especify the <role-name>tomcat</role-name>
??
In the directory /conf/users there are some files:admin-users.xml    example-users.xml  global-users.xml
  tomcat-users.xml


thanks a lot !

-----Original Message-----
From: John Burgess [mailto:John@riskdecisions.com]
Sent: jueves 6 de junio de 2002 14:54
To: Tomcat Users List
Subject: RE: Restricting Access to Web Resources


I believe the URL you want is /* 
i.e. the /MyApp is assumed since you are defining the constraint in the
MyApp context

Best Wishes
John Burgess
john@riskdecisions.com
Tel: 01865 718666 
Fax: 01865 718600


-----Original Message-----
From: Urtzi Larrazabal [mailto:urtzi@esi.es]
Sent: Thursday, June 06, 2002 10:01 AM
To: 'Tomcat Users List'
Subject: Restricting Access to Web Resources




Hi friends,

I am trying to protect my application with an authentification but I don't
know why my security constraint is ignored. When I access to the application
I'm not prompted for a user and a password. Does anyone know what am I doing
wrong?


#cd webapps/Myaplicaion/WEB-INF
#more web.xml
<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">


<web-app>

        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>
                                Restricted Area
                        </web-resource-name>
                        <url-pattern>/Myaplication/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>tomcat</role-name>
                </auth-constraint>
        </security-constraint>


        <login-config>
                <auth-method>BASIC</auth-method>
                <realm-name>My Secure Test Area</realm-name>
        </login-config>

</web-app>


regards,

Urtzi Larrazabal

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
 

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.365 / Virus Database: 202 - Release Date: 24/05/02
 

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message