Anyone have any thoughts on this? On 9/30/05, David Johnson <[EMAIL PROTECTED]> wrote: > > Hi all. > > I think I'm doing something wrong. I'veadded the following to my web > application to use http-basicis there anything else I need to do to ensure > anyone logging in like this has full access to the app? > > <!-- Define a security constraint on this application --> > <security-constraint> > <web-resource-collection> > <web-resource-name>Entire Application</web-resource-name> > > <url-pattern>/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <!-- This role is not in the default user directory --> > <role-name>manager</role-name> > > </auth-constraint> > </security-constraint> > > <!-- Define the login configuration for this application --> > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>My Application</realm-name> > > </login-config> > > <!-- Security roles referenced by this web application --> > <security-role> > <description> > The role that is required to log in to the Application > </description> > > <role-name>manager</role-name> > </security-role> > > > > -- > -Dave > [EMAIL PROTECTED]
-- -Dave [EMAIL PROTECTED]