Thanks for the response. I would like to have both roles go as far down the tree as possible. But, from a browser, have Root role authentication and their inherent read-only permissions, and from a dav client: Webdav role authentication and full access to the file system.
>From: "Terrence Szeto" <[EMAIL PROTECTED]> >Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: auth-constraint question >Date: Tue, 11 Jun 2002 17:03:23 -0400 > > > >One thing you can do is use filters to further restrict users. > >So write a filter, which checks for user roles, and foward the ones you >don't want to go further "down" your directory. > >Don't forget to map the filter in the web.xml file so tomcat knows where to >restrict. > >hope that helps > > >Terrence > > >From: "Mark Larson" <[EMAIL PROTECTED]> >Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: auth-constraint question >Date: Tue, 11 Jun 2002 13:13:46 -0700 >MIME-Version: 1.0 >X-Originating-IP: [216.101.100.252] >Received: from [192.18.49.131] by hotmail.com (3.2) with ESMTP id >MHotMailBECFA50A003C4004318FC01231838DE70; Tue, 11 Jun 2002 13:14:02 -0700 >Received: (qmail 20437 invoked by uid 97); 11 Jun 2002 20:13:50 -0000 >Received: (qmail 20423 invoked by uid 98); 11 Jun 2002 20:13:50 -0000 >From tomcat-user-return-22211-t3szeto Tue, 11 Jun 2002 13:15:44 -0700 >Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm >Precedence: bulk >List-Unsubscribe: <mailto:[EMAIL PROTECTED]> >List-Subscribe: <mailto:[EMAIL PROTECTED]> >List-Help: <mailto:[EMAIL PROTECTED]> >List-Post: <mailto:[EMAIL PROTECTED]> >List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org> >Delivered-To: mailing list [EMAIL PROTECTED] >X-Antivirus: nagoya (v4198 created Apr 24 2002) >Message-ID: <[EMAIL PROTECTED]> >X-OriginalArrivalTime: 11 Jun 2002 20:13:47.0123 (UTC) >FILETIME=[7E3F5430:01C21184] >X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N > >Hello, >I am running tomcat 4 stand-alone on Win NT4, using authentication with >mysql (working just fine) on my entire site/webapp. I have a Webdav role >and >a Root role defined and need to use both of them in the same webapp. >My entire site is password protected. When I connect with my webdav client, >it allows my Webdav role users to login as planned, but normal Root users >can log in as well. How can I distinguish between these constraints? Below >is a snippet of my web-inf/web.xml... >Thanks in advance, >Mark > > ><!-- Define a Security Constraint on this Application --> > <security-constraint> > <web-resource-collection> > <web-resource-name>mysite</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > > <auth-constraint> > <role-name>Root</role-name> > <role-name>Webdav</role-name> > </auth-constraint> > </security-constraint> > > > <!-- Define the Login Configuration for this Application --> > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>mysite</realm-name> > </login-config> > >_________________________________________________________________ >Send and receive Hotmail on your mobile device: http://mobile.msn.com > > >-- >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > >_________________________________________________________________ >Join the world�s largest e-mail service with MSN Hotmail. >http://www.hotmail.com > > >-- >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
