RE: Override WAR file security settings.
By the lack of response to my question, I take it that it is not possible to override the following web.xml settings by redefining them in Tomcats server.xml security-constraint login-config security-role Any changes to those values must be made after the application has been deployed by editing the deployed web.xml. Is that correct? There is now way to override then as can be done with Environment values? Can someone confirm this or have I just missed something in the Tomcat documentation? Thanks -Original Message- From: Jim Henderson [mailto:[EMAIL PROTECTED] Sent: Monday, August 22, 2005 3:13 PM To: tomcat-user@jakarta.apache.org Subject: Override WAR file security settings. I am working on a web application that can be used in two ways at the same time depending on its URL. The original WAR file has a web.xml that defines tight security requiring form authentication with id and password. In Tomcats server.xml I have two Contexts with different paths but to the same docBase. I can override various Resource and Environment settings differently for each Context. However, the war file by default defines (among many other things): security-constraint login-config security-role In one of the server.xml context definitions, I want to undefine the above items (so the application just asks for the user ID). Is that possible? Or is there some other way to neutralize them in the server.xml file? The application works as desired if I edit the deployed applications web.XML (located in webapps/ directory after Tomcat deploys the war file) and completely remove the above settings. The other mode (Context) requires the use of the above items and that works OK. Hope the above makes sense or have I abbreviated the description too much? Thanks, Jim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Override WAR file security settings.
I can confirm that you can't override these web.xml settings in server.xml It should be simple enough in Ant to generate two .war files that only differ by the web.xml file Mark Jim Henderson wrote: By the lack of response to my question, I take it that it is not possible to override the following web.xml settings by redefining them in Tomcat’s server.xml security-constraint login-config security-role Any changes to those values must be made after the application has been deployed by editing the deployed web.xml. Is that correct? There is now way to override then as can be done with Environment values? Can someone confirm this or have I just missed something in the Tomcat documentation? Thanks -Original Message- From: Jim Henderson [mailto:[EMAIL PROTECTED] Sent: Monday, August 22, 2005 3:13 PM To: tomcat-user@jakarta.apache.org Subject: Override WAR file security settings. I am working on a web application that can be used in two ways at the same time depending on its URL. The original WAR file has a web.xml that defines tight security requiring form authentication with id and password. In Tomcat’s server.xml I have two Contexts with different paths but to the same docBase. I can override various Resource and Environment settings differently for each Context. However, the war file by default defines (among many other things): security-constraint login-config security-role In one of the server.xml context definitions, I want to undefine the above items (so the application just asks for the user ID). Is that possible? Or is there some other way to neutralize them in the server.xml file? The application works as desired if I edit the deployed application’s web.XML (located in webapps/… directory after Tomcat deploys the war file) and completely remove the above settings. The other mode (Context) requires the use of the above items and that works OK. Hope the above makes sense or have I abbreviated the description too much? Thanks, Jim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Override WAR file security settings.
Thank you, thank you, thank you! I have looked for over a day using GOOGLE, etc., just to be sure I was not missing anything! Again, thanks! -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 23, 2005 4:00 PM To: Tomcat Users List Subject: Re: Override WAR file security settings. I can confirm that you can't override these web.xml settings in server.xml It should be simple enough in Ant to generate two .war files that only differ by the web.xml file Mark Jim Henderson wrote: By the lack of response to my question, I take it that it is not possible to override the following web.xml settings by redefining them in Tomcat’s server.xml security-constraint login-config security-role Any changes to those values must be made after the application has been deployed by editing the deployed web.xml. Is that correct? There is now way to override then as can be done with Environment values? Can someone confirm this or have I just missed something in the Tomcat documentation? Thanks -Original Message- From: Jim Henderson [mailto:[EMAIL PROTECTED] Sent: Monday, August 22, 2005 3:13 PM To: tomcat-user@jakarta.apache.org Subject: Override WAR file security settings. I am working on a web application that can be used in two ways at the same time depending on its URL. The original WAR file has a web.xml that defines tight security requiring form authentication with id and password. In Tomcat’s server.xml I have two Contexts with different paths but to the same docBase. I can override various Resource and Environment settings differently for each Context. However, the war file by default defines (among many other things): security-constraint login-config security-role In one of the server.xml context definitions, I want to undefine the above items (so the application just asks for the user ID). Is that possible? Or is there some other way to neutralize them in the server.xml file? The application works as desired if I edit the deployed application’s web.XML (located in webapps/… directory after Tomcat deploys the war file) and completely remove the above settings. The other mode (Context) requires the use of the above items and that works OK. Hope the above makes sense or have I abbreviated the description too much? Thanks, Jim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Override WAR file security settings.
I am working on a web application that can be used in two ways at the same time depending on its URL. The original WAR file has a web.xml that defines tight security requiring form authentication with id and password. In Tomcats server.xml I have two Contexts with different paths but to the same docBase. I can override various Resource and Environment settings differently for each Context. However, the war file by default defines (among many other things): security-constraint login-config security-role In one of the server.xml context definitions, I want to undefine the above items (so the application just asks for the user ID). Is that possible? Or is there some other way to neutralize them in the server.xml file? The application works as desired if I edit the deployed applications web.XML (located in webapps/ directory after Tomcat deploys the war file) and completely remove the above settings. The other mode (Context) requires the use of the above items and that works OK. Hope the above makes sense or have I abbreviated the description too much? Thanks, Jim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]