In my applications web.xml I have <security-constraint> <web-resource-collection> <web-resource-name>Read-WriteArea</web-resource-name> <description> accessible by users of all roles</description> <url-pattern>/*</url-pattern><!-- was /* --> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> </web-resource-collection>
<auth-constraint> <description>These roles are allowed access</description> <role-name>read</role-name> <role-name>rwrite</role-name> <role-name>admin</role-name> </auth-constraint> </security-constraint> If the url-pattern is /* I get my jdbc based form showing, and password authentication using mySQL. If I change it to /repository/index.jsp, i.e. the actual file used, I don't get any authentication. Any advice on what form this element should take please? TIA, DaveP **** snip here ***** -- DISCLAIMER: NOTICE: The information contained in this email and any attachments is confidential and may be privileged. If you are not the intended recipient you should not use, disclose, distribute or copy any of the content of it or of any attachment; you are requested to notify the sender immediately of your receipt of the email and then to delete it and any attachments from your system. RNIB endeavours to ensure that emails and any attachments generated by its staff are free from viruses or other contaminants. However, it cannot accept any responsibility for any such which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]