tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dave Naden" <>
Subject using Tomcat's UserDatabase realm
Date Tue, 01 Jul 2003 12:07:21 GMT
I'm implementing simple authentication (Tomcat 4.1.24), either BASIC or FORM-based, using the
UserDataBaserealm, and tomcat's tomcat-users.xml file.  My web.xml file has <security-constraint>
and <login-config> tags.  What I'm wondering is, why don't I also need to use <security-role>
tags--the spec seems to imply that they are necessary, and other servlet engines seem to use
them.  This makes applications non-portable from one engine to another.
Anybody know why Tomcat doesn't seem to use this tag?
Dave Naden

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message