<auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>tomcat</role-name> <role-name>role1</role-name> </auth-constraint> this is one part in web.xml dd file, i just can define roles but can't define the password corresponding with roles.how can help?
Sun Certified Java Programmer<br />Sun Certified Web Component Developer
Hi Niu, there is a file called tomcat-users.xml in the conf under tomcat-root. There you can insert users and map those users to roles. (There are allready example users in the file) This is for separating programmer and deployer role. The programmer can use reusable roles in his app and its the responsability of the deployer or the administrator to map those roles to actual users. In commercial app-servers you are not constrained to such a simple file-based user-administration. You can use ldap or rdbms. But the mechanism stays the same. The roles are mapped to actual users at deployment time. Axel