RE: Basic Authentication not work for directory

2003-07-22 Thread Abid Ali Teepo 

try /document/* as the url-pattern or /document/*.doc if you want the .doc files under 
/document to be protected ...

-Original Message-
From: Daniel Zhang [mailto:[EMAIL PROTECTED]
Sent: 22. juli 2003 14:48
To: Tomcat Users List
Subject: Basic Authentication not work for directory


Hi, all -

I've configured Tomcat 4.1.18 on RH Linux 8 server.  Then I need some 
authentication for certain
directories under webapps. So I configured server.xml, web.xml and 
tomcat-users.xml creating a
role and its username with password. It works only for individual file 
with an extension name. But
never work for a directory. As you see  following code, it pops up basic 
authentication window for
all *.doc files, but does not work for files under /document directory. 
Anyone had the same experience?

= web.xml ===
 security-constraint
display-nameSecurity Check/display-name
web-resource-collection
web-resource-nameBasic Authentication/web-resource-name
url-pattern*.doc/url-pattern
url-pattern/document/*/url-pattern
http-methodGET/http-method
http-methodPOST/http-method
http-methodHEAD/http-method
http-methodPUT/http-method
/web-resource-collection
auth-constraint
role-nametom/role-name
/auth-constraint
/security-constraint

login-config
auth-methodBASIC/auth-method
realm-nameDoc Authentication/realm-name
/login-config

security-role
role-nametom/role-name
/security-role
== tomcat-users.xml =
tomcat-users
  role rolename=tom /
  role rolename=role1 /
   user name=tomcat password=tomcat roles=tom /
  user name=role1  password=tomcat roles=role1  /
  user name=both   password=tomcat roles=tom,role1 /
  /tomcat-users



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Basic Authentication not work for directory

2003-07-22 Thread Daniel Zhang 
As you see in my web.xml file, I've already put /document/* as a 
url-pattern(url-pattern/document/*/url-pattern),  the question is
under /document  directory, there are some other types of file like 
*.pdf, *.txt which need to be protected. I also have these types of file
in other directory which need to be public. So if I put *.doc, it will 
block all doc files.

BTW, /document/*.doc never work. You still can get doc file under 
document without authentication window pop-up. The only way to block doc 
file is to put *.doc between url-pattern and /url-pattern. It is not 
right as what  many tomcat documents state, is it?

-Daniel
Abid Ali Teepo wrote:
try /document/* as the url-pattern or /document/*.doc if you want the .doc files under /document to be protected ...

-Original Message-
From: Daniel Zhang [mailto:[EMAIL PROTECTED]
Sent: 22. juli 2003 14:48
To: Tomcat Users List
Subject: Basic Authentication not work for directory
Hi, all -

I've configured Tomcat 4.1.18 on RH Linux 8 server.  Then I need some 
authentication for certain
directories under webapps. So I configured server.xml, web.xml and 
tomcat-users.xml creating a
role and its username with password. It works only for individual file 
with an extension name. But
never work for a directory. As you see  following code, it pops up basic 
authentication window for
all *.doc files, but does not work for files under /document directory. 
Anyone had the same experience?

= web.xml ===
security-constraint
   display-nameSecurity Check/display-name
   web-resource-collection
   web-resource-nameBasic Authentication/web-resource-name
   url-pattern*.doc/url-pattern
   url-pattern/document/*/url-pattern
   http-methodGET/http-method
   http-methodPOST/http-method
   http-methodHEAD/http-method
   http-methodPUT/http-method
   /web-resource-collection
   auth-constraint
   role-nametom/role-name
   /auth-constraint
   /security-constraint
   login-config
   auth-methodBASIC/auth-method
   realm-nameDoc Authentication/realm-name
   /login-config
   security-role
   role-nametom/role-name
   /security-role
== tomcat-users.xml =
tomcat-users
 role rolename=tom /
 role rolename=role1 /
  user name=tomcat password=tomcat roles=tom /
 user name=role1  password=tomcat roles=role1  /
 user name=both   password=tomcat roles=tom,role1 /
 /tomcat-users
 



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]