I have created a context in the jbossweb-tomcat55.asr for sharing documents. However, I want to protect this context with a security constraint. To the best of my knowlege I have everything set up correctly, but a user is not prompted for a username/password and the context is still accessible by anyone.
I have tried to get this working by placing the following in the server.xml file in the jbossweb-tomcat55.sar directory please tell me what I am doing wrong. I am at the end of my rope:
<Host name="localhost" autoDeploy="false" deployOnStartup="false" deployXML="false" > <Context path="/media" appBase="" docBase="/windows/D/media" debug="99" reloadable="true"> <security-constraint> <web-resource-collection> <web-resource-name>blah blah blah</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>mediauser</role-name> </auth-constraint> </security-constraint> <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="com.mysql.jdbc.Driver" connectionURL="jdbc:mysql://localhost/jboss?user=jbossuser&password=password" userTable="users" userNameCol="user_name" userCredCol="user_pass" userRoleTable="user_roles" roleNameCol="role_name"/> <login-config> <auth-method>BASIC</auth-method> <realm-name>Example Realm</realm-name> </login-config> <security-role> <description>The role that is required to log in to the Manager Application</description> <role-name>mediauser</role-name> </security-role>