> After adding the <"RequestInterceptor
> className="org.apache.tomcat.request.JDBCRealm"......> in
> server.xml, what's
> needed to be in web.xml file.
You need to add your roles for the app and configure your login
method. i.e.
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/security/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- BASIC/BROWSER BASED -->
<!--
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Whatever Here</realm-name>
</login-config>
-->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Whatever Here</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
You can have as many resources as you wish and multiple roles.
This all is quite well documented in the documentation and if you
look at example files included with tomcat. Please refer to these
files for information if you have questions.
---
Michael Wentzel
Software Developer
Software As We Think - http://www.aswethink.com
