Craig:
Yes, that was it! Thanks!
To summarize for those that are still having trouble:
To make Tomcat require authentication for a give URL, add
these lines in the <web-app> tag in the web.xml file for
a tomcat application (NOTE: The URL pattern should not include the
application's context). Here is an example:
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminServlet</web-resource-name>
<url-pattern>/servlet/AdminServlet</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
The passwords need to be placed in the
/usr/local/jakarta-tomcat-3.2.1/conf/tomcat-users.xml file:
<user name="admin" password="[password]" roles="admin" />
Thanks,
Neil.
--
Neil Aggarwal
JAMM Consulting, Inc. -- (972) 612-6056, http://www.JAMMConsulting.com
Custom Internet Development -- Java, JSP, servlets, databases
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
