"Diogenes Gomes" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Thank you very much Caldarale. > > Please, do you know how to define "any role"? The framework I use > takes care of authorization (based on service's methods). I only need > to authenticate the user, otherwise I would double the access > configuration. >
There is a backwards compatible setting on the <Realm />. You add the attribute allRolesMode="authOnly", and Tomcat will revert to it's 5.0 behavior. > Diogenes > > 2008/1/24, Caldarale, Charles R <[EMAIL PROTECTED]>: >> > From: Diogenes Gomes [mailto:[EMAIL PROTECTED] >> > Subject: Problem with protecting pages in Tomcat 5.5 >> > >> > <auth-constraint> >> > <role-name>*</role-name> >> > </auth-constraint> >> >> IIRC, 5.0 misinterpreted a <role-name> setting of *; this was corrected >> in 5.5 and above. The asterisk does not mean "any role", but rather >> "all defined roles". (See section 12 of the servlet spec.) You need to >> provide a set of valid roles via <security-role> in your web.xml file. >> >> > <Context debug="99" docBase="${catalina.home}/webapps/testeweb" >> > path="/testeweb"> >> >> Take out the docBase and path attributes - they're not allowed when the >> <Context> element is in META-INF/context.xml (where it should be). >> >> - Chuck >> >> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY >> MATERIAL and is thus for use only by the intended recipient. If you >> received this in error, please contact the sender and delete the e-mail >> and its attachments from all computers. >> >> --------------------------------------------------------------------- >> To start a new topic, e-mail: users@tomcat.apache.org >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]