I asked this earlier, but I still got problems with it. I upgraded to 4.1.18, but I got some problems with security constraints.
I have applied a security constraint on a particular url pattern. Only certain users with a special rolename can access that link. The data transportation is also secure, therefore I put in a <transport-guarantee> in web.xml <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> It used to work but now the page does not load with v4.1.18. I got a blank page instead of a login page. Is SSL implemented differently v4.1.18 that prevents my application from working like before? I think it has to do with rolenames. I put in the needed role in tomcat-user.xml already. Did I miss something? Is there any documentation on tomcat v4.1.18 SSL security stuff? Here is my security constraint in web.xml: <!-- Secure form URLs of the form http://localhost/Prefix/mypage require SSL and are redirected to https://localhost/Prefix/mypage --> <security-constraint> <web-resource-collection> <web-resource-name>SSLspecial</web-resource-name> <url-pattern>/protectedpage/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>specialrole</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>