I would like to password protect all servlets deployed in a JBoss server, ie when a user opens http://hostname:8080/SomeServlet the user is asked for a password before the servlet is called. A password would be enough, since a user should have access to either all deployed servlets (everything running at http://hostname:8080/) or none (no access to anything at all at http://hostname:8080)
Is it possible to acomplish this on a system-wide level, without modifying every single servlet?
I'm using JBoss 3.0.6/Jetty.
You can secure your servlets by adding security constraints in the web.xml file. Make sure to add a jboss-web.xml file to your war as well, containing the name of the security-domain that corresponds to the name of an application-policy in the login-conf.xml