Simple authentication for all deployed servlets

marcuslarsson May 23, 2003 3:50 AM

I would like to password protect all servlets deployed in a JBoss server, ie when a user opens http://hostname:8080/SomeServlet the user is asked for a password before the servlet is called. A password would be enough, since a user should have access to either all deployed servlets (everything running at http://hostname:8080/) or none (no access to anything at all at http://hostname:8080)

Is it possible to acomplish this on a system-wide level, without modifying every single servlet?

Any suggestions?

I'm using JBoss 3.0.6/Jetty.

/Marcus

1. Re: Simple authentication for all deployed servlets

petertje May 26, 2003 4:46 AM (in response to marcuslarsson)

You can secure your servlets by adding security constraints in the web.xml file. Make sure to add a jboss-web.xml file to your war as well, containing the name of the security-domain that corresponds to the name of an application-policy in the login-conf.xml

Hth
Peter.
Actions