This is my web.xml DD
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app>
<
servlet>
<servlet-name>Ch3 Beer</servlet-name>
<servlet-class>com.example.web.BeerSelect</servlet-class>
</servlet>
<security-role><role-name>admin</role-name></security-role>
<servlet-mapping>
<servlet-name>Ch3 Beer</servlet-name>
<url-pattern>/SelectBeer.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>form.html</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<securtiy-constraint>
<web-resource-collection>
<url-pattern>/beerv1/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-gurantee>CONFIDENTIAL</transport-gurantee>
</user-data-constraint>
</securtiy-constraint>
</web-app>
This is my tomcat-users.xml file
<?xml version="1.0" encoding="utf-8" ?>
- <tomcat-users>
<role rolename="manager" />
<role rolename="admin" />
<user username="admin" password="" roles="admin,manager" />
</tomcat-users>
Instead of asking for login when trying to access "localhost:8080/beerv1/form.html" , it is allowing me to access it without asking for user id and password. What is the problem?
Thanks in advance.