Hi,
You might be able to use the SingleSignOn Valve (see Tomcat configuration reference documentation) for this.

It's OK but not recommended to put the security constraints in conf/web.xml, although that's another way to share a constraint among webapps. As for a pure, portable way to share constraints: I don't think so. Web.xml by definition is for one webapp. You'd have to copy/paste the constraints or put them in a separate XML file and include that via XML entities.

Yoav Shapira
Millennium Research Informatics

>-----Original Message-----
>From: Barnet Wagman [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, May 26, 2004 11:53 AM
>To: Tomcat Users List
>Subject: Can webapps 'share' a security-constraint?
>
>I'd like users to be able to login once and get access to several web
>apps. Is it possible for web apps to 'share' a security-constraint?
>
>I've tried putting the constraint into conf/web.xml. That applies the
>constraints to all the specified web apps managed by the server, but
>users still need to log into each web app separately.
>
>I.e. if conf/web.xml contains a security constraint such as
>
>    <security-constraint>
>        <display-name>Site access constraint</display-name>
>        <web-resource-collection>
>            <web-resource-name>Protected Area</web-resource-name>
>            <url-pattern>/WebApp_A/*</url-pattern>
>            <url-pattern>/WebApp_B/*</url-pattern>
>        </web-resource-collection>
>        <auth-constraint>
>            <role-name>a_defined_role</role-name>
>        </auth-constraint>
>    </security-constraint>
>
>
>(webapps/Web_App_A/WEB-INF/web.xml and webapps/Web_App_B/WEB-INF/web.xml
>do not contain a security-constraint.)
>(By the way, I don't know if putting a security constraint in
>conf/web.xml is legitimate.)
>
>The constraint will apply to WebApp_A and WebApp_B.
>When a user accesses a page in WebApp_A, she is required to login. If,
>after a successful login, she accesses a page in WebApp_B, she will
>have to log in again. Is there a way to force the first login to apply
>to all the listed web-apps?
>
>Thanks,
>
>bw
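
A sketch of the setup the reply points to, added here as an example and not part of the original thread: the SingleSignOn valve is declared on the Host in conf/server.xml, and each webapp keeps its own constraint in its WEB-INF/web.xml. The host name, the UserDatabaseRealm, the BASIC login method and the realm-name are assumptions; the role name and display name are the ones from the question.

```xml
<!-- conf/server.xml (fragment): the valve goes on the Host that contains
     both webapps. -->
<Engine name="Catalina" defaultHost="localhost">
  <!-- Realm defined at Engine (or Host) level so every webapp authenticates
       against the same user store; a Realm nested inside a single Context
       would not be shared. UserDatabaseRealm is an assumed choice. -->
  <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
         resourceName="UserDatabase"/>
  <Host name="localhost" appBase="webapps">
    <!-- Remembers the authenticated user across webapps in this Host. -->
    <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
  </Host>
</Engine>

<!-- webapps/WebApp_A/WEB-INF/web.xml (fragment, assumed directory name);
     repeat the same elements in WebApp_B. url-pattern is relative to the
     webapp's context path, so /* covers everything under /WebApp_A/. -->
<security-constraint>
  <display-name>Site access constraint</display-name>
  <web-resource-collection>
    <web-resource-name>Protected Area</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>a_defined_role</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Site access</realm-name> <!-- assumed display string -->
</login-config>
<security-role>
  <role-name>a_defined_role</role-name>
</security-role>
```

With the valve in place, invalidating the session in one webapp ends the sign-on for every webapp in that Host, so a logout link in either application logs the user out of both.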