can you (or anyone) tell me WHAT I need to activate to enable J2EE standard
(form-based) authentication, simply using the tomcat-users.xml file? Is
there any place I can read up on this? Does this even work?
thanks,
Christian
----- Original Message -----
From: "Joakim Verona" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, December 05, 2000 11:08 AM
Subject: Re: container managed authentication - how?
> hello,
>
> try reading the server.xml file. you must activate an interceptor.
> you can choose from several.
>
> Christian Sell wrote:
> >
> > hello,
> >
> > I just installed Tomcat 3.2 and deployed my web application, which is
> > running sucessfully nuder Orion and JRun, using form-based
authentication.
> > However, Tomcat completely ignores the security-constraint settings. How
can
> > I get Tomcat to enforce this? Does Tomcat support container-managed
> > security?
> >
> > thanks in advance..
> > Christian
> >
> > BTW, Heres my web.xml, in case somebody wants to take a look:
> >
> > <?xml version="1.0" encoding="ISO-8859-1"?>
> >
> > <!DOCTYPE web-app
> > PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
> > "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">
> >
> > <web-app>
> > <servlet>
> > <servlet-name>wcfsystem</servlet-name>
> > <display-name>wcfsystem</display-name>
> > <servlet-class>com.itsit.wcf.adaptor.WCFSystem</servlet-class>
> > <init-param>
> > <param-name>wcf.properties</param-name>
> > <param-value>/wcf.properties</param-value>
> > </init-param>
> > <load-on-startup>1</load-on-startup>
> > </servlet>
> > <session-config>
> > <session-timeout>10</session-timeout>
> > </session-config>
> > <welcome-file-list>
> > <welcome-file>index.html</welcome-file>
> > <welcome-file>index.jsp</welcome-file>
> > </welcome-file-list>
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>WCF Administration</web-resource-name>
> > <description>WebComponents Administration</description>
> > <url-pattern>*/WCFAdmin.jsp</url-pattern>
> > <url-pattern>*/wcfsystem</url-pattern>
> > </web-resource-collection>
> > <auth-constraint>
> > <description>Administrators only</description>
> > <role-name>admins</role-name>
> > </auth-constraint>
> > </security-constraint>
> > <login-config>
> > <auth-method>FORM</auth-method>
> > <form-login-config>
> > <form-login-page>/content/login.html</form-login-page>
> > <form-error-page>/content/loginerr.html</form-error-page>
> > </form-login-config>
> > </login-config>
> > <security-role>
> > <description>WCF Users</description>
> > <role-name>users</role-name>
> > </security-role>
> > <security-role>
> > <description>WCF Administrators</description>
> > <role-name>admins</role-name>
> > </security-role>
> > </web-app>
>
> --
> Joakim Verona
> [EMAIL PROTECTED]
> http://www.verona.se/
