I figured it out -- I just needed to put the one application that I wanted
to be secure in the security-constraint section, then let the other ones not
require authentication.
-- Chris
On Mon, Jan 10, 2011 at 2:41 PM, Christopher Gross <cogr...@gmail.com>wrote:
> That did it! Thanks Mark & Pid.
>
> Now to make it more complicated -- in order to have another page without
> that restriction, would I need to make a whole new webapp, or can I turn
> down the security for a specific page?
>
> Thanks!
>
> -- Chris
>
>
>
> On Mon, Jan 10, 2011 at 2:18 PM, Pid <p...@pidster.com> wrote:
>
>> On 1/10/11 6:58 PM, Christopher Gross wrote:
>> > Borrowing from another web.xml (solr's), I added this to my web.xml:
>> >
>> > <resource-env-ref>
>> > <description>
>> > Link to the UserDatabase instance from which we request lists of
>> > defined role names. Typically, this will be connected to the
>> global
>> > user database with a ResourceLink element in server.xml or the
>> context
>> > configuration file for the Manager web application.
>> > </description>
>> > <resource-env-ref-name>users</resource-env-ref-name>
>> > <resource-env-ref-type>
>> > org.apache.catalina.UserDatabase
>> > </resource-env-ref-type>
>> > </resource-env-ref>
>> >
>> > <security-constraint>
>> > <web-resource-collection>
>> > <web-resource-name>Monitor</web-resource-name>
>> > <url-pattern>/Monitor/*</url-pattern>
>> > <http-method>GET</http-method>
>> > <http-method>POST</http-method>
>> > </web-resource-collection>
>> > <auth-constraint>
>> > <role-name>admin</role-name>
>> > </auth-constraint>
>> > </security-constraint>
>> >
>> > <!-- Define the Login Configuration for this Application -->
>> > <login-config>
>> > <auth-method>BASIC</auth-method>
>> > <realm>UserDatabase</realm>
>> > </login-config>
>> >
>> > <security-role>
>> > <role-name>admin</role-name>
>> > </security-role>
>> >
>> > But I'm still getting through without having to authenticate. Is there
>> > something that I'm missing, or am I going about this all wrong?
>>
>> If 'Monitor' is the name of your Context/webapp, the above means:
>>
>> /Monitor/Monitor/*
>>
>> Try:
>>
>> <url-pattern>/*</url-pattern>
>>
>> instead.
>>
>>
>> p
>>
>> >
>> > Thanks!
>> >
>> > -- Chris
>> >
>> >
>> > On Mon, Jan 10, 2011 at 1:45 PM, Mark Thomas <ma...@apache.org> wrote:
>> >
>> >> On 10/01/2011 18:43, Christopher Gross wrote:
>> >>> I added the security role:
>> >>> MemoryRealm mr = new MemoryRealm();
>> >>> mr.setPathname(path + "/conf/tomcat-users.xml");
>> >>> Context sp = embedded.createContext("/Monitor", path +
>> >>> "/webapps/monitor");
>> >>> sp.setRealm(mr);
>> >>> sp.addSecurityRole("admin");
>> >>> host.addChild(sp);
>> >>>
>> >>> Is there anything else that I need to do for the Context?
>> >>
>> >> You need to set up some security constraints in web.xml
>> >>
>> >> Mark
>> >>
>> >>>
>> >>> -- Chris
>> >>>
>> >>>
>> >>> On Mon, Jan 10, 2011 at 1:37 PM, Mark Thomas <ma...@apache.org>
>> wrote:
>> >>>
>> >>>> On 10/01/2011 18:16, Christopher Gross wrote:
>> >>>>> I created a MemoryRealm object, pointed it to my tomcat-users.xml
>> file,
>> >>>>> added that realm to the embedded (no luck) and to the specific
>> context
>> >>>> (no
>> >>>>> luck either). For both, it just plain loads the page -- doesn't ask
>> me
>> >>>> to
>> >>>>> do any type of logging in.
>> >>>>>
>> >>>>> Are you just using your own experience to help me, or are you aware
>> of
>> >>>> any
>> >>>>> documentation that I could peruse, instead of lobbing questions at
>> you
>> >> a
>> >>>> few
>> >>>>> times a day? :)
>> >>>>
>> >>>> Have you configured your app to require authentication? IF not the
>> realm
>> >>>> will never be used.
>> >>>>
>> >>>> Mark
>> >>>>
>> >>>>>
>> >>>>> -- Chris
>> >>>>>
>> >>>>>
>> >>>>> On Mon, Jan 10, 2011 at 12:48 PM, Pid <p...@pidster.com> wrote:
>> >>>>>
>> >>>>>> Can you not create a org.apache.catalina.realms.MemoryRealm and set
>> >> the
>> >>>>>> path to the xml file?
>> >>>>>>
>> >>>>>>
>> >>>>>> p
>> >>>>>>
>> >>>>>>
>> >>>>>
>> >>>>
>> >>>>
>> >>>> ---------------------------------------------------------------------
>> >>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> >>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>> >>>>
>> >>>>
>> >>>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>> >> For additional commands, e-mail: users-h...@tomcat.apache.org
>> >>
>> >>
>> >
>>
>>
>
