tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Stempfel <>
Subject security constraints in tomcat 4.1.30
Date Fri, 03 Jun 2005 06:53:27 GMT
Hello all

I have a problem concerning Tomcat 4.1.30. In web.xml i defined several 
security constraint. First of all I protected the whole application and 
then I excluded the directories with images and css files. Furthermore I 
defined some roles.

		<display-name>TCE GUI</display-name>
			<web-resource-name>WEBGui Area</web-resource-name>
			<!-- Define the context-relative URL(s) to be protected -->
			<!-- Anyone with one of the listed roles may access this area -->

			<web-resource-name>Images and CSS Not Protected</web-resource-name>

		<display-name>DSLAM Configuration</display-name>
				Access to DSLAM Configuration


So my problem is that this works fine with Tomcat 5.0 but not with 
Tomcat 4.1.30. If I go to the login page, the stylesheet and images are 
not found when running the Application with version 4.1.30. Also the 
Security Constraints are not working correctly, this means that a user 
that hasn't the role "dslamConfig" is able to enter the following URL: 

Has anyone some ideas?

Thanks a lot

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message