• Post Reply Bookmark Topic Watch Topic
  • New Topic

tomcat allows access to mydomain.com:8080/myapp without password  RSS feed

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

my tomcat allows to access the following pages without password control:

  • mydomain.com:8080 ("It works!")
    mydomain.com:8080/myapp


  • However, password control works fine with the manager app. There is one user with the role "manager-gui".

    Where should I look for the problem?

    Thanks
    Magnus

     
    Author and ninkuma
    Marshal
    Posts: 66307
    152
    IntelliJ IDE Java jQuery Mac Mac OS X
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    What have you done to set up security for the applications in question?
     
    Saloon Keeper
    Posts: 18800
    74
    Android Eclipse IDE Linux
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Specifically have you set up any URL patterns and roles in the WEB-INF/web.xml file of the webapp?

    Have you ensured that your Tomcat webapp Context defines (or operates under) a Tomcat security Realm?
     
    It is sorta covered in the JavaRanch Style Guide.
    • Post Reply Bookmark Topic Watch Topic
    • New Topic
    Boost this thread!