Web application protection with Tomcat
Hi everyone,
I want to protect my web application and the protection process is not working properly.
I have made locally and the following:
In web.xml of the web application I have made the following entries:
In tomcat-users.xml (In TomcatHome/conf) was added to this:Code:<!-- Define a security constraint on this application --> <security-constraint> <web-resource-collection> <web-resource-name>mmv-swf</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <!-- This role is not in the default user directory --> <role-name>mmv-swf</role-name> </auth-constraint> </security-constraint> <!-- Define the login configuration for this application --> <login-config> <auth-method>BASIC</auth-method> <realm-name>mmv-swf</realm-name> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to the Manager Application </description> <role-name>mmv-swf</role-name> </security-role>
Under the new launch of the web server and run the Web Aplikation I get a window that requires the user name here and your password. I give the user name (test) and password (test), entered into tomcat-users.xml, but it requires the user name and password again, and again, again ...Code:<role rolename="mmv-swf"/> <user username="test" password="test" roles="mmv-swf"/>
Now I do not know what I did wrong.
Can someone please help me?
Thanks in advance.
Reply With Quote