Howdy, What does your web.xml look like, specifically the security-constraint parts?
Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: Jim Lynch [mailto:[EMAIL PROTECTED] >Sent: Thursday, September 04, 2003 1:10 PM >To: tomcat >Subject: How do I stop security checks for all files? > >I'm using the basic authentication scheme, 'cause I couldn't ever make >the user type work. My pages just sat there and looped. But I'm >running into a performance problem. I have dozens of .gif files and >other things that get loaded with my page and it looks like it is >authenticating each of them and taking a bunch of time doing it. THis >is from one of the log files. I don't have the option of cutting down >the number of crappy files (gifs etc.) I have to load. 8( > >This block is repeated dozens of times. Is there any way I can avoid >all this checking for inconsequental files? > >THanks, >Jim. > >2003-09-04 09:52:15 Authenticator[/resources]: Security checking request >POST /resources/inputhours >2003-09-04 09:52:15 Authenticator[/resources]: We have cached auth type >BASIC for principal GenericPrincipal[jwl] >2003-09-04 09:52:15 Authenticator[/resources]: Checking constraint >'SecurityConstraint[resources]' against POST /inputhours --> true >2003-09-04 09:52:15 Authenticator[/resources]: Subject to constraint >SecurityConstraint[resources] >2003-09-04 09:52:15 Authenticator[/resources]: Calling checkUserData() >2003-09-04 09:52:15 Authenticator[/resources]: User data constraint >has no restrictions >2003-09-04 09:52:15 Authenticator[/resources]: Calling authenticate() >2003-09-04 09:52:15 Authenticator[/resources]: Already authenticated >'jwl' >2003-09-04 09:52:15 Authenticator[/resources]: Calling accessControl() >2003-09-04 09:52:15 JDBCRealm[/resources]: Username jwl does NOT have >role user >2003-09-04 09:52:15 JDBCRealm[/resources]: Username jwl does NOT have >role NAFO >2003-09-04 09:52:15 JDBCRealm[/resources]: Username jwl does NOT have >role ICON >2003-09-04 09:52:15 JDBCRealm[/resources]: Username jwl does NOT have >role EMEA >2003-09-04 09:52:15 JDBCRealm[/resources]: Username jwl has role admin >2003-09-04 09:52:15 Authenticator[/resources]: Successfully passed all >security constraints >2003-09-04 09:52:15 StandardContext[/resources]: Mapping >contextPath='/resources' with requestURI='/resources/inputhours' and >relativeURI='/inputhours' > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
