2 Replies Latest reply on Jun 29, 2004 9:52 AM by Anders Görtz

    Auth. problems with tomcat

    Anders Görtz Newbie


      I've got a war file which I would like to protect through username and password authentication. I've added the following in web.xml in the .war file:
      Protected Site
      <!-- This would protect the entire site -->
      <url-pattern> /* </url-pattern>
      <!-- If you list http methods,
      only those methods are protected -->
      <http-method> DELETE </http-method>
      <http-method> GET </http-method>
      <http-method> POST </http-method>
      <http-method> PUT </http-method>
      <!-- Roles that have access -->
      <role-name> viewer </role-name>

      <!-- BASIC authentication -->
      <auth-method> BASIC </auth-method>
      <realm-name> Example Basic Authentication </realm-name>

      <!-- Define security roles -->
      Test role
      <role-name> viewer </role-name>

      Also I have added a file called tomcat-users. xml in the jbossweb-tomcat41.sar/META-INF folder, looking like this:

      <?xml version="1.0" encoding="UTF-8"?>


      When a type the URL for the .war I do get a authentication screen from IE but it passes me on to the war file's index.html regardless of what login I do give.