Which connector are you using?  Is this TC stand-alone or TC + Apache?

IF this is TC + Apache AND the "files you're protecting" happen to be 
static content, it's possible Apache is serving them and bypassing your 
security constraints.  If, for example, you're running TC + Apache + 
mod_jk (my setup), then I can personally guarantee you that this will be 
the exact behavior with static content :-)  LOL I spent several hours 
trying to set up a security constraint on a FULLY STATIC application 
(/tomcat-docs) before I stopped and realized that there was no way it 
COULD protect it!

If this fits your situation, you need to look at how Apache can deny 
access to the directory - or - change it to dynamic content (JSPs 
instead of HTMLs).

Regards,

Eddie

Kevin Andryc wrote:

>I was wondering how I can protect certain servlet subdirectories. For
>example, let's say that in WEB-INF/classes I have two subdirectories: app1
>and app2. How do I use the security-constraint to protect (force the user to
>log in) app1 but not have them log in to classes in app2? I have tried this in
>my web.xml file, but the login page doesn't appear and I go directly to the
>page:
>
><security-constraint>
>   <display-name>Example Security Constraint</display-name>
>   <web-resource-collection>
>      <web-resource-name>Protected Area</web-resource-name>
>      <url-pattern>/servlet/app1.*</url-pattern>
>      <http-method>DELETE</http-method>
>      <http-method>GET</http-method>
>      <http-method>POST</http-method>
>      <http-method>PUT</http-method>
>   </web-resource-collection>
>   <auth-constraint>
>      <role-name>usr</role-name>
>   </auth-constraint>
></security-constraint>
>
>Is this possible? If so, how can this be achieved?
>
>Kevin
>
>Kevin Andryc
>Web Systems Engineer
>MISER
>http://www.umass.edu/miser/
>Phone: (413)-545-3460
>[EMAIL PROTECTED]
>
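
Added example (not part of the original thread, and not Tomcat or mod_jk code): a small audit that lists request paths a web.xml security-constraint covers but that Apache would serve itself because no JkMount forwards them, which is the bypass described in the reply above. The JkMount patterns, web.xml fragment and URIs are constructed samples, and JkMount patterns are approximated as shell-style globs.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Constructed sample: only JSPs and servlets go to Tomcat via mod_jk;
# every other file under the context is served by Apache from disk.
JK_MOUNTS = ["/tomcat-docs/*.jsp", "/tomcat-docs/servlet/*"]
SAMPLE_URIS = ["/tomcat-docs/index.html", "/tomcat-docs/config/server.html",
               "/tomcat-docs/index.jsp", "/tomcat-docs/servlet/Status",
               "/other/page.html"]
# Constructed sample web.xml for a context mounted at /tomcat-docs.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>usr</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def constraint_patterns(web_xml):
    path = "security-constraint/web-resource-collection/url-pattern"
    return [e.text.strip() for e in ET.fromstring(web_xml).findall(path)]

def servlet_match(pattern, path):
    """Servlet url-pattern rules: '/x/*' prefix, '*.ext' suffix, else exact."""
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.rsplit("/", 1)[-1].endswith(pattern[1:])
    return pattern == "/" or path == pattern

def forwarded_to_tomcat(uri, jk_mounts):
    # Assumption: JkMount patterns behave like shell globs for this check.
    return any(fnmatch.fnmatchcase(uri, m) for m in jk_mounts)

def audit(context, web_xml, jk_mounts, uris):
    """Return URIs a constraint covers that never reach Tomcat."""
    patterns = constraint_patterns(web_xml)
    bypassed = []
    for uri in uris:
        if not uri.startswith(context + "/"):
            continue  # belongs to another context or to Apache only
        rel = uri[len(context):]  # constraints are context-relative
        if any(servlet_match(p, rel) for p in patterns) \
                and not forwarded_to_tomcat(uri, jk_mounts):
            bypassed.append(uri)
    return bypassed

if __name__ == "__main__":
    for u in audit("/tomcat-docs", WEB_XML, JK_MOUNTS, SAMPLE_URIS):
        print("constraint never evaluated for:", u)
```

With the sample mounts, the two `.html` paths are reported; mounting the whole context (`/tomcat-docs/*`) sends every request through Tomcat and the list is empty.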