Hi ,
How is everyone doing, hope ok. I have this problem with trying to use Basic authentication with my web app. I have Tomcat 4.1.10 up and running on win 2000 machine using j2sdk1.4. Tomcat is listening on port 8443 for SSL connnections. I would like the browser to display a login box to the user when the user attempts to access a protected resource. When I try to check/test the app, It allows me into the restricted area with out having to log in. I expect to be promted to enter a user name and a password but hey nothing like thats happens. What am I doing wrong????. Please if u can help me out I will appreciate it Below is what my web.xml looks like. The manager role is the same role name I specified in tomcat-users.xml <web-app> <security-constraint> <web-resource-collection> <web-resource-name> Secure Area </web-resource-name> <url-pattern>/secure/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>manager</role-name> <role-name>tomcat</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>manager</role-name> </security-role> <login-config> <auth-method>BASIC</auth-method> <realm-name>User Basic Authentication</realm-name> </login-config> </web-app> Thanks in advance Edward --------------------------------- Do you Yahoo!? New DSL Internet Access from SBC & Yahoo!