I have that in the server.xml still no luck
<security-constraint>
<display-name>Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<web-resource-name>Restricted Access - Get Only</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Management Reports</realm-name>
<form-login-config>
<form-login-page>/index.jsp</form-login-page>
<form-error-page>/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
-----Original Message-----
From: Konstantin Kolinko [mailto:[email protected]]
Sent: Thursday, February 16, 2012 1:59 PM
To: Tomcat Users List
Subject: Re: Basic Authentication Valve not hitting on Tomcat7.0.20
2012/2/16 Christopher Schultz <[email protected]>:
>
> On 2/16/12 8:26 AM, Sachin Mehrotra wrote:
>> <login-config> <auth-method>BASIC</auth-method> <realm-name>My App
>> Realm</realm-name> </login-config>
>
> I believe if you set <auth-method> to BASIC, Tomcat will add its own
> Valve to the valve chain. If you don't set the <auth-method> here but
> still add your <Valve> to context.xml, does that improve things?
>
IIRC Tomcat would not add Authenticator valve if one is already there, so this
tip is useless.
Anyway you can always run Tomcat under debugger (see FAQ ->
Development) and see what really is going on.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
