----- Original Message -----
From: "Collins, Jim" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, April 20, 2001 2:07 PM
Subject: RE: Tomcat Authentication doesn't seem to work at all!
> You need to add a entry to the conf/tomcat-users.xml file.
>
> Jim.
>
Done!
But still no results!
> -----Original Message-----
> From: Posta Winsome [mailto:[EMAIL PROTECTED]]
> Sent: 20 April 2001 11:53
> To: Tomcat-User Mailing List
> Subject: Tomcat Authentication doesn't seem to work at all!
>
>
> Hi all.
> Sorry, but I'm a newby in Tomcat Authentication, so I have some problems
in
> my first test......
>
> In my web application, the file web.xml contains the following lines:
>
> <security-constraints>
> <web-resource-collection>
> <web-resource-name>Protected Area</web-resource-name>
> <url-pattern>my-html-document.html</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
>
> <auth-constraints>
> <role-name>my-role-name</role-name>
> </auth-constraints>
>
> <user-data-constraint>
> <transport-guarantee>NONE</transport-guarantee>
> </user-data-constraint>
> </security-constraints>
>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>VPOAdmin</realm-name>
> </login-config>
>
> but despite this, I can always reach the html document in my web root.
>
>
> The same if I write:
>
> <url-pattern>/my-web-root/my-html-document.html</url-pattern>
> <url-pattern>/my-web-root/*</url-pattern>
> <url-pattern>*</url-pattern>
> .........
>
> the browser *NEVER* prompt me for users and password!
>
>
> I'm really going mad!
> I use Tomcat 3.2.1 in a Linux RH 6.2 box
>
> Any help?
> Thanks in advance.
>
>
> PLEASE READ: The information contained in this e-mail is confidential
> and intended for the named recipient(s) only. If you are not an intended
> recipient of this email you must not copy, distribute or take any
> further action in reliance on it and you should delete it and notify the
> sender immediately. Email is not a secure method of communication and
> Nomura International plc cannot accept responsibility for the accuracy
> or completeness of this message or any attachment(s). Please examine this
> e-mail for virus infection, for which Nomura International plc accepts
> no responsibility. If verification of this email is sought then please
> request a hard copy. Unless otherwise stated any views or opinions
> presented are solely those of the author and do not represent those of
> Nomura International plc. This email is intended for informational
> purposes only and is not a solicitation or offer to buy or sell
> securities or related financial instruments. Nomura International plc is
> regulated by the Securities and Futures Authority Limited and is a
> member of the London Stock Exchange.
>
