Hi everybody, i try to protect an administrators directory with memory realm in tomcat but it doesn't work.
In the server.xml i added <Realm className="org.apache.catalina.realm.MemoryRealm"/> In my web.xml for this Web i added the following lines: <security-constraint> <web-resource-collection> <web-resource-name>Authenticate</web-resource-name> <!-- I created a directory web in my <TOMCAT_HOME>/webapps/myapps/ which has a directory for admin only and i want to protect this directory --> <url-pattern>/web/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <!-- this role is the same as in the tomcat-users.xml --> <role-name>myrole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Authenticate</realm-name> </login-config> and last but not least i added the following line in my tomcat-users.xml: <user name="test" password="test" roles="myrole"> but it doesn't work... Did i something wrong? or have i to configure the xml files in an otherway? hope to receive help... thx Stephan -- ---------------------------------------------------------------------------------------------- Stephan Mülhaus [EMAIL PROTECTED] NWU Gesellschaft fuer Netzwerk und Kommunikation mbH Phone: +49-231-986510 - 0 FAX: +49-231-986522 - 2 ----------------------------------------------------------------------------------------------