tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Giorgio Ponza" <gior...@opla.it>
Subject Tomcat and security-constraint
Date Wed, 02 Apr 2003 08:28:17 GMT
Hi all
My conf:
Tomcat 4.1.18 LE JDK1.4
Apache 2.0.44 with openssl
mod_jk

I want to secure a JSP page, but not with authentication, only with HTTPS
support.
So i added the lines in WEB.XML

<security-constraint>
  <web-resource-collection>
      <web-resource-name>Test securing JSP pages</web-resource-name>
          <description>Test securing JSP pages</description>
          <url-pattern>/jsp/users/*.jsp</url-pattern>
  </web-resource-collection>
       <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
</security-constraint>

but Tomcat logs says: ##### No Realm has been configured to authenticate
against
So i uncommented MemoryRealm (i think is not the right Realm)
and it now says
ContextConfig[]: Configured an authenticator for method NONE

and obviously the pages in /jsp/users continue to use simple HTTP transport
protocol

Can anyone tell me what i have to configure, or which Realm i have to use ?
Tx in advance

Giorgio Ponza



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message