Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

authentication problem

 
Dave Vick
Ranch Hand
Posts: 3244
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey everyone
I'm trying to lean more about authentication with tomcat and have been having a problem trying to restrict access to just one servlet in a webapp.
I have two servlets: servletA, and servletB.
the web.xml file looks like this:

I have a user set up in the admin role and everything works fine if I change the url-pattern to just /* in the security-constraint element. but if I try to make it /ServletB then the page is served with no checking involved. I've tried all sorts of variations of the url-pattern with no success.
Anyone have any ideas?
thanks
 
Frank Carver
Sheriff
Posts: 6920
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My guess is that it is a simple as a missing *. You are probably not getting an exact URL match with just /ServletB for whatever request(s) you are using.
Have you tried /ServletB* or /ServletB/* ?
 
Dave Vick
Ranch Hand
Posts: 3244
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply Frank, that was one of the patterns I tried to no avail. I figured it out, it was a typo in my xml file. I cut and pasted from one file to make the new one and muxt have gotten some extraneous character in there somehow. When I would start tomcat it sould tell me there was a problem there but I never watched the DOS window when it was starting up I always just minimized and went to work.
Oh, well, lesson learned - thanks again.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic