• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

tomcat allows access to mydomain.com:8080/myapp without password

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

my tomcat allows to access the following pages without password control:

  • mydomain.com:8080 ("It works!")
    mydomain.com:8080/myapp


  • However, password control works fine with the manager app. There is one user with the role "manager-gui".

    Where should I look for the problem?

    Thanks
    Magnus

     
    Sheriff
    Posts: 67746
    173
    Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    What have you done to set up security for the applications in question?
     
    Saloon Keeper
    Posts: 27763
    196
    Android Eclipse IDE Tomcat Server Redhat Java Linux
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Specifically have you set up any URL patterns and roles in the WEB-INF/web.xml file of the webapp?

    Have you ensured that your Tomcat webapp Context defines (or operates under) a Tomcat security Realm?
     
    reply
      Bookmark Topic Watch Topic
    • New Topic