Have a look over the examples webapp, if you try to access http://localhost:8080/examples/jsp/security/protected you will trigger a form based auth over that webapp directory use "user" & "pass" as credentials. Look at the web.xml file contained in the examples/web-inf dir to see a working config on that. Hope this helps. Saludos , Ignacio J. Ortega > -----Mensaje original----- > De: Christian Sell [mailto:[EMAIL PROTECTED]] > Enviado el: martes 5 de diciembre de 2000 11:57 > Para: [EMAIL PROTECTED] > Asunto: Re: container managed authentication - how? > > > can you (or anyone) tell me WHAT I need to activate to enable > J2EE standard > (form-based) authentication, simply using the > tomcat-users.xml file? Is > there any place I can read up on this? Does this even work? > > thanks, > Christian > > ----- Original Message ----- > From: "Joakim Verona" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, December 05, 2000 11:08 AM > Subject: Re: container managed authentication - how? > > > > hello, > > > > try reading the server.xml file. you must activate an interceptor. > > you can choose from several. > > > > Christian Sell wrote: > > > > > > hello, > > > > > > I just installed Tomcat 3.2 and deployed my web > application, which is > > > running sucessfully nuder Orion and JRun, using form-based > authentication. > > > However, Tomcat completely ignores the > security-constraint settings. How > can > > > I get Tomcat to enforce this? Does Tomcat support > container-managed > > > security? > > > > > > thanks in advance.. > > > Christian > > > > > > BTW, Heres my web.xml, in case somebody wants to take a look: > > > > > > <?xml version="1.0" encoding="ISO-8859-1"?> > > > > > > <!DOCTYPE web-app > > > PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" > > > "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd"> > > > > > > <web-app> > > > <servlet> > > > <servlet-name>wcfsystem</servlet-name> > > > <display-name>wcfsystem</display-name> > > > <servlet-class>com.itsit.wcf.adaptor.WCFSystem</servlet-class> > > > <init-param> > > > <param-name>wcf.properties</param-name> > > > <param-value>/wcf.properties</param-value> > > > </init-param> > > > <load-on-startup>1</load-on-startup> > > > </servlet> > > > <session-config> > > > <session-timeout>10</session-timeout> > > > </session-config> > > > <welcome-file-list> > > > <welcome-file>index.html</welcome-file> > > > <welcome-file>index.jsp</welcome-file> > > > </welcome-file-list> > > > <security-constraint> > > > <web-resource-collection> > > > <web-resource-name>WCF Administration</web-resource-name> > > > <description>WebComponents Administration</description> > > > <url-pattern>*/WCFAdmin.jsp</url-pattern> > > > <url-pattern>*/wcfsystem</url-pattern> > > > </web-resource-collection> > > > <auth-constraint> > > > <description>Administrators only</description> > > > <role-name>admins</role-name> > > > </auth-constraint> > > > </security-constraint> > > > <login-config> > > > <auth-method>FORM</auth-method> > > > <form-login-config> > > > <form-login-page>/content/login.html</form-login-page> > > > <form-error-page>/content/loginerr.html</form-error-page> > > > </form-login-config> > > > </login-config> > > > <security-role> > > > <description>WCF Users</description> > > > <role-name>users</role-name> > > > </security-role> > > > <security-role> > > > <description>WCF Administrators</description> > > > <role-name>admins</role-name> > > > </security-role> > > > </web-app> > > > > -- > > Joakim Verona > > [EMAIL PROTECTED] > > http://www.verona.se/ > >
