login dialog is presented, but no matter what Id/pw I provide I cannot login. Here is the web.xml that I am using and the tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="vsn-offsh"/> <role rolename="tomcat"/> <role rolename="role1"/> <role rolename="manager"/> <role rolename="admin"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="role1" password="tomcat" roles="role1"/> <user username="both" password="tomcat" roles="tomcat,role1"/> <user username="bob" password="9f9d51bc70ef21ca5c14f307980a29d8" roles="vsn-offsh"/> <user username="admin" password="fc5e038d38a57032085441e7fe7010b0" roles="admin,manager"/> </tomcat-users> <?xml version="1.0" encoding="ISO-8859-1"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"; version="2.4"> <display-name>Vision Application Logs</display-name> <!-- Define a Security Constraint on this Application --> <security-constraint> <web-resource-collection> <web-resource-name>applogs</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>vsn-offsh</role-name> </auth-constraint> </security-constraint> <!-- Define the Login Configuration for this Application --> <login-config> <auth-method>DIGEST</auth-method> <realm-name>applogs</realm-name> </login-config> <!-- Security roles referenced by this Web application --> <security-role> <role-name>vsn-offsh</role-name> </security-role> </web-app> On Thu, Oct 21, 2010 at 9:43 AM, Keith Masten <spmdt...@gmail.com> wrote: > I made the change Chuck suggested and it now prompts me for userid/pw. I > now have to setup the proper user access to make the setup complete. > > > On Thu, Oct 21, 2010 at 9:34 AM, Keith Masten <spmdt...@gmail.com> wrote: > >> Thank you for pointing that out Chuck, I will make that adjustment. >> >> >> On Thu, Oct 21, 2010 at 9:16 AM, Caldarale, Charles R < >> chuck.caldar...@unisys.com> wrote: >> >>> > From: Keith Masten [mailto:spmdt...@gmail.com] >>> > Subject: Re: Securing A Directory Listing >>> >>> > This does not work. >>> >>> Be more specific. >>> >>> > <url-pattern>/applogs/*</url-pattern> >>> >>> I suspect you erroneously included the path to the webapp in the above. >>> I you specify just "/*", the entire webapp will be protected; what you have >>> protects only /applogs underneath the webapp. >>> >>> - Chuck >>> >>> >>> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY >>> MATERIAL and is thus for use only by the intended recipient. If you received >>> this in error, please contact the sender and delete the e-mail and its >>> attachments from all computers. >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >> >
