tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rjgallac <rgallac...@ufi.com>
Subject one webapp - two security constraints
Date Tue, 02 Feb 2010 10:30:33 GMT

Hi 

I was hoping someone could help. I have searched the forums, tomcat docs and
various other sites and cant see anyone else looking to try this.

I'm looking to deploy one webapp with two urls. depending on the url one
will be asked to enter username and password and the other will not.

I was hoping this was going to be as easy as in the server.xml

<Host name="host1" appBase="webapps/files" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
			<Alias>host1-rjgallac</Alias>
			<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
directory="logs"  prefix="owl_log." suffix=".txt" pattern="common"
resolveHosts="false"/>
			<Context path="" docBase="${catalina.home}/webapps/files">
				<Resources className="org.apache.naming.resources.FileDirContext"/>
			</Context>
		</Host>
		<Host name="host2" appBase="webapps/files" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
			<Alias>host2-rjgallac</Alias>
			<Context path="" docBase="${catalina.home}/webapps/files">
				<Resources className="org.apache.naming.resources.FileDirContext"/>
			</Context>
		</Host>	

and the web.xml

<security-constraint>
		<display-name>login to OWL</display-name>
		<web-resource-collection>
			<web-resource-name>host</web-resource-name>
			<url-pattern>/*</url-pattern>
		</web-resource-collection>
	  	<auth-constraint>
			<role-name>test</role-name>
	  	</auth-constraint>
        <security-role>
            <role-name>testusers</role-name>
        </security-role>   
	</security-constraint>
    
	<login-config>
		<auth-method>BASIC</auth-method>
	</login-config>


So the question is two hosts. One web app.  One protected the other not.  I
imagine I need two web.xml files to be able to achieve such a thing.

This did seem to work for a second but I think that was luck or caching or
something.  Its probably not possible to do such a thing.  My other option
is to put this in a build script to create two war files with two different
web.xml files.

Again, any help appreciated.
regards
Rob
-- 
View this message in context: http://old.nabble.com/one-webapp---two-security-constraints-tp27418280p27418280.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message