Hi,
I'd like to protect tomcat status page with a login/password authentication.
To do so, I've created a security domain to status application :
<application-policy name="status-console">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="usersProperties">props/status-console-users.properties</module-option>
<module-option name="rolesProperties">props/status-console-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
and referenced it in deploy/jbossws.sar/jbossws-management.war/WEB-INF/jboss-web.xml :
<jboss-web>
<!-- A security domain that restricts access -->
<security-domain>java:/jaas/status-console</security-domain>
<context-root>jbossws</context-root>
</jboss-web>
But, authentication does not work. I'm not prompted to provide login / password.
Do you know if it's possible to implement such authentication ?
Is my configuration wrong ?
Thanks in advance for your support.
Regards.