tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From K A <>
Subject Configure read/write-access in TomCat
Date Wed, 18 Aug 2010 09:44:18 GMT


I've developed a web-application in which I'd like to have some control of which resources
are accessed by whom. My project is called "Server" in which I've got 3 directories: "/user"
which all roles are allowed to access, "/admin" which ONLY administrators are allowed to access
and "resources" in which I've got some files which users are allowed to read and administrators
are allowed to both read and write.

I'm using a FORM to login. The form action is "POST" and the action is "j_security_check",
the username field's name is "j_username" and the password field's is "j_password".
I've implemented a security-check in the jsp-file itself where I'm checking for the type of
login the current user has. If the type is aproved then the user is allowed to access the

But when I test the application and try to access the files in the other library then I've
got access no matter what. This wasn't the intension. 

I've tried to follow several tutorials online but no matter what I can't get it to work ouf
the right way.

I've tried to configure the web.xml manually but it doesn't work. I've tried to use the "manager"
through the browser but that doesn't seem to deliver the possibility to setup those restriction.

Can somebody please give me a detailed walkthrough on how to achieve this?

I'm using TomCat 6.0, JVM 1.5.0_20 SUN and Windows XP 5.1.Thankyou very much in advance!

Best regards,
Kenneth Andersen
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message