Hi all.
I think I'm doing something wrong. I'veadded the following to my web
application to use http-basicis there anything else I need to do to ensure
anyone logging in like this has full access to the app?
<!-- Define a security constraint on this application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- This role is not in the default user directory -->
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the login configuration for this application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Application</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Application
</description>
<role-name>manager</role-name>
</security-role>
--
-Dave
[EMAIL PROTECTED]
