Tomcat 3.2.2 on RH7.0
I created a JDBC realm as per "JDBC Realms"
server.xml
...
<!--
<RequestInterceptor
className="org.apache.tomcat.request.SimpleRealm"
debug="0" />
-->
<RequestInterceptor
className="org.apache.tomcat.request.JDBCRealm"
debug="99"
driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost/authority?user=postgres;password=
postgres"
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles"
roleNameCol="role_name" />
...
Application in webapps/development/*
WEB-INF/web.xml
...
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>tomcatRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>development</realm-name>
</login-config>
...
When I try to log in, I am prompted twice:
First, a Win-like window:
Please type your user name and password
Site: xxx.yyy.zzz.ttt
Realm: development
User Name
Pasword
Save this password in your password list
OK Cancel
Then it starts loading the applet, Java console pops up, and another window
(with Duke's icon) comes up:
Firewall: xxx.yyy.zzz.ttt/xxx.yyy.zzz.ttt
Realm: development
Scheme: basic
User name:
Password:
Yes No
Once authenticated, the applet displays some data queried by a servlet.
Could this be the cause for being prompted twice?
I'd like to ask for username/password only once, in the beginning. How can I
do that, while preventing users from logging directly into the next level?
Thank you very much for your patience and support.
