@$ cd /usr/local/tomcat/conf
@Add the following this on the web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>
My Protected WebSite
</web-resource-name>
<url-pattern> /* </url-pattern>
<http-method> GET </http-method>
<http-method> POST </http-method>
</web-resource-collection>
<auth-constraint>
<!-- the same like in your tomcat-users.conf file -->
<role-name> aname </role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method> BASIC </auth-method>
<realm-name> Basic Authentication </realm-name>
</login-config>
<security-role>
<description> aname role </description>
<role-name> aname </role-name>
</security-role>
---------------------------------------------------------------------------------------
@tomcat-users.xml
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="aname" />
<user username="tomcat" password="pwd" roles="manager-gui,admin-gui"/>
<user username="aname" password="pwd" roles="aname"/>
No comments:
Post a Comment