Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds


  Asked By: Ashan    Date: Mar 09    Category: Java    Views: 725

i am using container managed security for securing my web app.
i have a jdbc realm in my server.xml and some defined roles in my
web.xml,so far every thing is okay,problem is here:
i want to use BASIC authentication approach,and not FORM
authentication,but i don't know where should i introduce my
error page such that my error page is substituted with default
container error page,it is noticeable that i don't wanna use FORM
authentication approach.



2 Answers Found

Answer #1    Answered By: Hoor Khan     Answered On: Mar 09

You could use this tag into web.xml for example :


Protected Site
<!-- This would protect the entire site -->
<url-pattern> /* </url-pattern>
<!-- If you list http methods,
only those methods are protected -->
<http-method> DELETE </http-method>
<http-method> GET </http-method>
<http-method> POST </http-method>
<http-method> PUT </http-method>
<!-- role-name indicates roles that are allowed
to access the web  resource specified above -->


<!-- BASIC authentication  -->
<auth-method> BASIC </auth-method>
<realm-name> Example Basic Authentication </realm-name>
and then you should define role in tomcat in this address :

tags are :
<user name="tomcat" password="tomcat" roles="tomcat" />
<user name="role1" password="tomcat" roles="role1" />
<user name="both" password="tomcat" roles="tomcat,role1" />

Answer #2    Answered By: Hugo Williams     Answered On: Mar 09

Just add the following line after your <welcome-file-list> tag in your web.xml file:





Didn't find what you were looking for? Find more on CONTAINER MANAGED SECURITY PROBLEM Or get search suggestion and latest updates.