the protected images
and stylesheet, Tomcat has to redirect the request back to the login page
again.
rgds,
Jo.-
- Original Message -
From: Angela Stempfel [EMAIL PROTECTED]
To: tomcat-user@jakarta.apache.org
Sent: Friday, June 03, 2005 4:53 PM
Subject: security constraints in tomcat 4.1.30
Hello all
I have a problem concerning Tomcat 4.1.30. In web.xml i defined several
security constraint. First of all I protected the whole application and
then I excluded the directories with images and css files. Furthermore I
defined some roles.
pre
security-constraint
Angela Stempfel wrote:
Hello all
I have a problem concerning Tomcat 4.1.30. In web.xml i defined several
security constraint. First of all I protected the whole application and
then I excluded the directories with images and css files. Furthermore I
defined some roles.
snip
So my problem
Along with what Mark said, you should know that TC 4.1.30 stops checking
after the *first* matching constraint (so in your case, the '/*' always
wins). Try reversing the order of your constraints in web.xml.
As Mark mentioned, this has changed in TC 5.x, and your web.xml should work
as