0 Replies Latest reply on Nov 5, 2006 9:05 AM by jfrankman

    How do you secure static content?


      I have created a context in the jbossweb-tomcat55.asr for sharing documents. However, I want to protect this context with a security constraint. To the best of my knowlege I have everything set up correctly, but a user is not prompted for a username/password and the context is still accessible by anyone.

      I have tried to get this working by placing the following in the server.xml file in the jbossweb-tomcat55.sar directory please tell me what I am doing wrong. I am at the end of my rope:

       <Host name="localhost"
       autoDeploy="false" deployOnStartup="false" deployXML="false" >
      <Context path="/media" appBase="" docBase="/windows/D/media" debug="99" reloadable="true">
       <web-resource-name>blah blah blah</web-resource-name>
       <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
       userTable="users" userNameCol="user_name" userCredCol="user_pass"
       userRoleTable="user_roles" roleNameCol="role_name"/>
       <realm-name>Example Realm</realm-name>
       <description>The role that is required to log in to
       the Manager Application</description>