I'm trying to allow users to upload their files to their context via webdav on a Tomcat 4.0.2 server over SSL and with auth-constraints on who can upload stuff (I've tried it without auth-constraints and it works as expected). I've followed the basic template offered at:
http://www.jguru.com/faq/view.jsp?EID=544213 Unfortunately, Tomcat doesn't seem to be requiring the webdav client to present the http auth login prompt. I've tried logging in as: https://username:password@server/context and that seems not to make a difference. If I try to PUT a file (this is with the cadaver client) I get a 302 error instead of a 403 as I would expect: dav:/blah/> put foo.html Uploading foo.html to `/blah/foo.html': Progress: [=============================>] 100.0% of 255 bytes failed: 302 Moved Temporarily My auth config in the context web.xml looks like the following: <security-constraint> <web-resource-collection> <web-resource-name>The Entire Web</web-resource-name> <url-pattern>/*</url-pattern> <http-method>COPY</http-method> <http-method>DELETE</http-method> <http-method>MOVE</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> <http-method>LOCK</http-method> </web-resource-collection> <auth-constraint> <role-name>manager</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Blah realm</realm-name> </login-config> <security-role> <description>An example role defined in a JNDI realm</description> <role-name>manager</role-name> </security-role> does anyone have any hints on what I might be doing wrong? Thanks, Adi -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
