> From: Mighty Tornado [mailto:mighty.torn...@gmail.com] > Subject: Tomcat Security and Struts > > I am trying to make sure my app requires a login. So I configured the > following in my deployment descriptor: > > <security-constraint> > <web-resource-collection> > <web-resource-name>admin</web-resource-name> > <url-pattern>*.do</url-pattern> > <http-method>POST</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>member</role-name> > </auth-constraint> > <user-data-constraint> > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/WEB-INF/JSP/login.jsp</form-login-page> > <form-error-page>/WEB-INF/JSP/loginError.jsp</form-error-page> > </form-login-config> > </login-config>
Where is your <security-role> section? - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
