Hi
I have included the org.apache.catalina.servlets.WebdavServlet
in the web.xml descriptor for my application
<servlet>
<servlet-name>WebdavServlet</servlet-name>
<servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet-class
>
...
reading the minimal documentation I have been able to find it appears
that to enable webdav functionality in my application all requests
should go through the webdav servlet
so I set the mapping up as follows(I do have other Servlets of course)
<servlet-mapping>
<servlet-name>WebdavServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
Now, everything works fine.
I can view my site and open a web folder from IE6
It all falls down when I try to add security however.
If all requests have to go through the webdav servlet, then if I assign
the following constraint
<security-constraint>
<web-resource-collection>
<web-resource-name>The Webdav bit</web-resource-name>
<url-pattern>/*</url-pattern> <!-- or just
<url-pattern>/</url-pattern> -->
</web-resource-collection>
<auth-constraint>
<role-name>somerole</role-name>
</auth-constraint>
</security-constraint>
this means that no one can see my site unless they log in . Which is not
what I want of course.
I want anyone to be able to view the site but anyone trying to modify
the site should be required to log in.
How do I enable security over the webdav functionality without locking
out anyone that simply wants to view my site ?
Cheers
Confused
