Tomcat 3.2.2 on RH7.0 I created a JDBC realm as per "JDBC Realms" server.xml ... <!-- <RequestInterceptor className="org.apache.tomcat.request.SimpleRealm" debug="0" /> --> <RequestInterceptor className="org.apache.tomcat.request.JDBCRealm" debug="99" driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost/authority?user=postgres;password= postgres" userTable="users" userNameCol="user_name" userCredCol="user_pass" userRoleTable="user_roles" roleNameCol="role_name" /> ... Application in webapps/development/* WEB-INF/web.xml ... <web-app> <security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> <http-method>DELETE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>PUT</http-method> </web-resource-collection> <auth-constraint> <role-name>tomcatRole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>development</realm-name> </login-config> ... When I try to log in, I am prompted twice: First, a Win-like window: Please type your user name and password Site: xxx.yyy.zzz.ttt Realm: development User Name Pasword Save this password in your password list OK Cancel Then it starts loading the applet, Java console pops up, and another window (with Duke's icon) comes up: Firewall: xxx.yyy.zzz.ttt/xxx.yyy.zzz.ttt Realm: development Scheme: basic User name: Password: Yes No Once authenticated, the applet displays some data queried by a servlet. Could this be the cause for being prompted twice? I'd like to ask for username/password only once, in the beginning. How can I do that, while preventing users from logging directly into the next level? Thank you very much for your patience and support.