tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Javabeat <nab...@javabeat.co.uk>
Subject FORM authentication behaves like BASIC authentication....
Date Thu, 15 Jan 2009 11:50:50 GMT

Hi, anyone come across the situation where a webapp is coded to use FORM
based authentication but behaves as if it was using BASIC authentication i.e
OS username/password dialog pops up instead of the redirection to the login
form. The web.xml is very basic so i'm almost thinking its something in the
tomcat/eclipse configuration perhaps?

Thanks in advance.

	<security-constraint>
		<display-name>Example Security Constraint</display-name>
		<web-resource-collection>
			<web-resource-name>Protected Area</web-resource-name>
			<!-- Define the context-relative URL(s) to be protected -->
			<url-pattern>/*</url-pattern>
			<!-- If you list http methods, only those methods are protected -->
			<http-method>DELETE</http-method>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
			<http-method>PUT</http-method>
		</web-resource-collection>
		<auth-constraint>
			<!-- Anyone with one of the listed roles may access this area -->
			<role-name>tomcat</role-name>
			<role-name>admin</role-name>
		</auth-constraint>
	</security-constraint>

	<login-config>
		<auth-method>FORM</auth-method>
		<realm-name>Example Form-Based Authentication Area</realm-name>
		<form-login-config>
			<form-login-page>/showLoginForm.jsp</form-login-page>
			<form-error-page>/showLoginFailure.jsp</form-error-page>
		</form-login-config>
	</login-config>
-- 
View this message in context: http://www.nabble.com/FORM-authentication-behaves-like-BASIC-authentication....-tp21476097p21476097.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message