One problem is with your url-pattern -- it is missing a leading slash on
the front. Try /test/* instead of test/*.
Craig
On Wed, 8 Aug 2001, Amrhein, Thomas wrote:
Hi,
I wrote my own Realm, which connects to an EJB via JNDI. The EJB is looking
at a database.
I modified JDBCRealm and put it in my own package.
I configured tomcat 3.2.3 (see above) and it started fine. The realm inited
the connection to JBoss.
The problem: the Realm is not used. I can access all the protected pages.
Has anybody an answer?
And who does the console output (see above)? It comes once for each webapp.
It's not me in my realm.
regards,
Thomas
my server.xml looks like this:
RequestInterceptor
className=de.tsystems.JNDIJDBCRealm
userNameCol=KENNUNG
userCredCol=PASSWORT
userTable=IBENUTZER
userRoleTable=IBENUTZER
roleNameCol=ROLLE
/
my web.xml like this:
security-constraint
web-resource-collection
web-resource-nameProtected Area/web-resource-name
!-- Define the context-relative URL(s) to be protected --
url-patterntest/*/url-pattern
/web-resource-collection
auth-constraint
!-- Anyone with one of the listed roles may access this area --
role-nameTestrolle/role-name
/auth-constraint
/security-constraint
!-- Default login configuration uses BASIC authentication --
login-config
auth-methodBASIC/auth-method
realm-nameExample Basic Authentication Area/realm-name
/login-config
The console output like this:
2001-08-08 17:36:58 - ContextManager: JNDIJDBCRealm: JDBCRealm has been
started succesfully
