tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jim Henderson" <...@metafile.com>
Subject Override WAR file security settings.
Date Mon, 22 Aug 2005 20:12:55 GMT
I am working on a web application that can be used in two ways at the same
time depending on its URL.  The original WAR file has a web.xml that defines
tight security requiring form authentication with id and password.

In Tomcat’s server.xml I have two Contexts with different paths but to the
same docBase.  I can override various Resource and Environment settings
differently for each Context.  However, the war file by default defines
(among many other things):

	<security-constraint>
	<login-config>
	<security-role>

In one of the server.xml context definitions, I want to undefine the above
items (so the application just asks for the user ID).  Is that possible?  Or
is there some other way to neutralize them in the server.xml file?  The
application works as desired if I edit the deployed application’s web.XML
(located in webapps/… directory after Tomcat deploys the war file) and
completely remove the above settings.

The other mode (Context) requires the use of the above items and that works
OK.

Hope the above makes sense or have I abbreviated the description too much?

Thanks,
Jim



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message