Hi, anyone come across the situation where a webapp is coded to use FORM
based authentication but behaves as if it was using BASIC authentication i.e
OS username/password dialog pops up instead of the redirection to the login
form. The web.xml is very basic so i'm almost thinking its something in the
tomcat/eclipse configuration perhaps?
Thanks in advance.
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected
-->
<url-pattern>/*</url-pattern>
<!-- If you list http methods, only those methods are
protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access
this area -->
<role-name>tomcat</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/showLoginForm.jsp</form-login-page>
<form-error-page>/showLoginFailure.jsp</form-error-page>
</form-login-config>
</login-config>
--
View this message in context:
http://www.nabble.com/FORM-authentication-behaves-like-BASIC-authentication....-tp21476097p21476097.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
