Hi all. I think I'm doing something wrong. I'veadded the following to my web application to use http-basicis there anything else I need to do to ensure anyone logging in like this has full access to the app?
<!-- Define a security constraint on this application --> <security-constraint> <web-resource-collection> <web-resource-name>Entire Application</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <!-- This role is not in the default user directory --> <role-name>manager</role-name> </auth-constraint> </security-constraint> <!-- Define the login configuration for this application --> <login-config> <auth-method>BASIC</auth-method> <realm-name>My Application</realm-name> </login-config> <!-- Security roles referenced by this web application --> <security-role> <description> The role that is required to log in to the Application </description> <role-name>manager</role-name> </security-role> -- -Dave [EMAIL PROTECTED]