Win a copy of The Business Blockchain this week in the Cloud forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

BASIC login window doesn't show up

 
Jan Sterk
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm trying to add security to my app. When the restricted servlet is called, then instead of a login window, a 403 error is shown.

web.xml:

tomcat-users.xml:

Anyone got an idea what's wrong? I tried FF 3.0 and IE.
 
Kathiresan Chinnasamy
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Jan Sterk
In <Web-resource-collection> tag you have to mention which HTTP method going to use for specified user..

If there is no http method , it would mean that No http methods allowed to anyone

Example <http-method>GET</http-method> it should be inside the tag of <Web-resource-collection>
Here GET method is allowed which you mentioned user

note:
Here Http methods like Get, post etc..
 
Jan Sterk
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Kathiresan.

I don't think that the <http-method> has anything to do with it. I tried it, but no luck.

The element is optional. If it omitted, then all methods (i.e. the whole servlet) is restricted.

Aren't you confusing it with the <auth-constraint> element?
 
Dee Brown
Ranch Hand
Posts: 94
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe it should be:

<login-config>...</login-config>

Also, the url should be: .....somepage.do
 
Jan Sterk
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Dee Brown:
I believe it should be:

<login-config>...</login-config>

..


Yes! That does the trick! Thanks a lot, Dee.

Btw strange thing that Tomcat doesn't complain when it sees an invalid web.xml element. Something to keep in mind..
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic