tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Johnson <chach...@gmail.com>
Subject Setting up HTTP Basic for a full Web-App
Date Fri, 30 Sep 2005 18:53:58 GMT
Hi all.

I think I'm doing something wrong. I'veadded the following to my web
application to use http-basicis there anything else I need to do to ensure
anyone logging in like this has full access to the app?

<!-- Define a security constraint on this application -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Application</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- This role is not in the default user directory -->
    <role-name>manager</role-name>
  </auth-constraint>
</security-constraint> 			

<!-- Define the login configuration for this application -->
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>My Application</realm-name>
</login-config>

<!-- Security roles referenced by this web application -->
<security-role>
  <description>
    The role that is required to log in to the Application
  </description>
  <role-name>manager</role-name>
</security-role>



--
-Dave
ChaChaNY@Gmail.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message