Java Answers

Question Asked By: Ashan Kaya on Mar 09 In Java Category.

CONTAINER MANAGED SECURITY PROBLEM

Question Answered By: Hoor Khan on Mar 09

You could use this tag into web.xml for example :


<web-app>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name> 
        Protected Site 
      </web-resource-name>
      <!-- This would protect the entire site -->
      <url-pattern> /* </url-pattern>
      <!-- If you list http methods, 
            only those methods are protected -->
      <http-method> DELETE </http-method>
      <http-method> GET </http-method>
      <http-method> POST </http-method>
      <http-method> PUT </http-method>
    </web-resource-collection>
   <auth-constraint>
     <!-- role-name indicates roles that are allowed
       to access the web  resource specified above -->

 <role-name>tomcat</role-name>
     <role-name>role1</role-name>
   </auth-constraint>
 </security-constraint>

  <!-- BASIC authentication  -->
  <login-config>
    <auth-method> BASIC </auth-method>
    <realm-name> Example Basic Authentication </realm-name>
  </login-config>
 </web-app>
and then you should define role in tomcat in this address : 
TOMCAT_HOME/conf/tomcat-users.xml


tags are : 
<tomcat-users>
 <user name="tomcat" password="tomcat" roles="tomcat" />
 <user name="role1" password="tomcat" roles="role1" />
 <user name="both"  password="tomcat" roles="tomcat,role1" />
</tomcat-users>

This Question has 1 more answer(s). View Complete Question Thread

Didn't find what you were looking for? Find more on CONTAINER MANAGED SECURITY PROBLEM Or get search suggestion and latest updates.

RSS Feeds:	Articles \| Forum \| New Users \| Activities \| Interview FAQ \| Poll \| Hotlinks
Social Networking:	Hall of Fame \| Facebook \| Twitter \| LinkedIn
Terms:	Terms of Use \| Privacy Policy \| Contact us