Hi, I have multiple applications hosted on my tomcat server which includes web services, web applications etc.
To secure the web services, we made changes to server.xml ->connector element and defined roles in tomcat-users.xml. In the web services, we made changes in the web.xml to add the security-constraint, security-role etc. However, the problem we are facing is that all the web application hosted on the Tomcat are prompting for certificate while accessing them. Is there any way to restrict the security only to a single web component on the Tomcat server rather than the entire server or all applications on the server. Thanks, Savitha
