OK, rookie question....
I have a file in $TOMCAT_HOME/webapps/comics (index.html)
$TOMCAT_HOME/webapps/comics/WEB-INF/web.xml has:
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/comics</url-pattern>
<url-pattern>/comics/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>comics</role-name>
</auth-constraint>
</security-constraint>
I have is set up for BASIC as my auth-method. Pretty much cut and paste
form the examples directory.
However, on my browser when I go to //thompson3:8080/comics, it takes me
right to index.html.
Why does it not require me to login first? What have a missed in the Tomcat
configuration?
Help greatly appreciate - been struggling with this for a couple of days...
(PS - the examples works great - going to
//thompson3:8080/examples/jsp/security/protected forces a login)
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
