tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rahul R <rahul.ra...@gmail.com>
Subject Re: Exclude url from authorized access-web.xml
Date Thu, 12 Jul 2012 06:55:18 GMT
How can I add an email id to auth instead of adding a whole group? Is that
possible? I don't want to give the access to all the members of the groups
in the AD. Following is the web.xml of my tomcat.

<security-constraint>
                <web-resource-collection>
                        <web-resource-name>Protected
Area</web-resource-name>
                        <url-pattern>/*</url-pattern>
                </web-resource-collection>

                <auth-constraint>
<--! These are the groups in AD -->
                        <role-name>Engineering</role- name>
                        <role-name>Migration Expert</role-name>
                        <role-name>Developers</role-name>

                </auth-constraint>
        </security-constraint>

  <security-constraint>
   <web-resource-collection>
      <url-pattern>/update/*</url-pattern>
   </web-resource-collection>
  </security-constraint>

        <login-config>
                <auth-method>BASIC</auth-method>
                <realm-name>Services Portal</realm-name>
        </login-config>


On Thu, Jun 14, 2012 at 8:00 PM, Pid <pid@pidster.com> wrote:

> On 14/06/2012 15:06, Rahul R wrote:
> > Hi All,
> >
> > I have an issue with allowing access to a page which is secured using
> > active directory authentication. I want some pages/content to be excluded
> > from this. Following is my web.xml file under conf of tomcat.
> >
> >
> > [code=java]
> >
> > <security-constraint>
> >                 <web-resource-collection>
> >                         <web-resource-name>Protected
> > Area</web-resource-name>
> >                         <url-pattern>/*</url-pattern>
> >                 </web-resource-collection>
> >
> >                 <auth-constraint>
> > <--! These are the groups in AD -->
> >                         <role-name>Engineering</role-
> > name>
> >                         <role-name>Migration Expert</role-name>
> >                         <role-name>Developers</role-name>
> >
> >                 </auth-constraint>
> >         </security-constraint>
> >
> >   <security-constraint>
> >    <web-resource-collection>
> >       <url-pattern>/update/*</url-pattern>
> >    </web-resource-collection>
> >   </security-constraint>
> >
> >         <login-config>
> >                 <auth-method>BASIC</auth-method>
> >                 <realm-name>Services Portal</realm-name>
> >         </login-config>
> >
> > [/code]
> >
> > As per my understanding, this should allow url's with a content "update"
> > and allow other pages only with AD credentials. But this is not working
> for
> > me now. Its asking for the credentials even for the url with "update".
> >
> > Tomcat Version:7
> > Env:Linux
> > Url:http://myserver.com:8080/solar/index.jsp. Here its asking the
> > credentials, its fine and as expected.
> >
> > url with "update" in the address:
> http://myserver.com:8080/solar/site/update.
> > When I access this url, its still asking for the credentials.
>
> This:
>  /solar/site/update
>
> does not match this pattern:
>  <url-pattern>/update/*</url-pattern>
>
>
> the pattern would have to be:
>  <url-pattern>/site/update/*</url-pattern>
>
>
> p
>
> > I am not really sure why this is happening. Could anyone here can help me
> > on this?
> >
> >
>
>
> --
>
> [key:62590808]
>
>


-- 
Thanks,
Regards,
Rahul R

  .~.
  /V\
 // \\
/(   )\
 ^`~'^

Mob: 09008030921

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message