i am using a security constraint in tomcat-users.xml for my my web root, but i am not using it for jforum. jforum is integrated in my application .war file.
I have these line in web.xml :
I do nothing in jforum to check this authentication. When this xml is enabled and i clear my session cookies in firefox or ie, i CANNOT log in to jforum. I am not seeing an error, it just says invalid user name or password. when i disable these lines, clearsessions, i have no problems.
What is going on? [originally posted on jforum.net by CJackal]
The reason I am even using the security constraint is that this is a visible developement machine. Currently I do NOT want to use the SSO feature for jforum... for now, the security constraint is in place ONLY to keep unwanted traffic off the developement machine. [originally posted on jforum.net by CJackal]