tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Starting Tomcat 6.0
Date Tue, 09 Jun 2009 19:36:49 GMT
Konstantin Kolinko wrote:
> 2009/6/9 Dick Eastlake <>:

unless I am mistaken, the OP is just trying to protect some *pages* from 
non-authenticated access.
You don't need the Security Manager for that, just stuff like 
<security-constraint> in the webapp's web.xml, no ?

The Security Manager is more for stopping some rogue webapps from doing 
things they should not, but has little to do with protecting pages or 
requiring authentication.

Dick, have a look on your system around here :

(adapt the path for your system and version).
At the end of the web.xml file there, there is a section 
<security-constraint>.  That is the kind of thing you have to do, I believe.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message