On 14/06/2012 15:06, Rahul R wrote: > Hi All, > > I have an issue with allowing access to a page which is secured using > active directory authentication. I want some pages/content to be excluded > from this. Following is my web.xml file under conf of tomcat. > > > [code=java] > > <security-constraint> > <web-resource-collection> > <web-resource-name>Protected > Area</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > > <auth-constraint> > <--! These are the groups in AD --> > <role-name>Engineering</role- > name> > <role-name>Migration Expert</role-name> > <role-name>Developers</role-name> > > </auth-constraint> > </security-constraint> > > <security-constraint> > <web-resource-collection> > <url-pattern>/update/*</url-pattern> > </web-resource-collection> > </security-constraint> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>Services Portal</realm-name> > </login-config> > > [/code] > > As per my understanding, this should allow url's with a content "update" > and allow other pages only with AD credentials. But this is not working for > me now. Its asking for the credentials even for the url with "update". > > Tomcat Version:7 > Env:Linux > Url:http://myserver.com:8080/solar/index.jsp. Here its asking the > credentials, its fine and as expected. > > url with "update" in the address: http://myserver.com:8080/solar/site/update. > When I access this url, its still asking for the credentials.
This: /solar/site/update does not match this pattern: <url-pattern>/update/*</url-pattern> the pattern would have to be: <url-pattern>/site/update/*</url-pattern> p > I am not really sure why this is happening. Could anyone here can help me > on this? > > -- [key:62590808]
signature.asc
Description: OpenPGP digital signature
