one webapp - two security constraints

Tue, 02 Feb 2010 02:31:06 -0800 

Hi 

I was hoping someone could help. I have searched the forums, tomcat docs and
various other sites and cant see anyone else looking to try this.

I'm looking to deploy one webapp with two urls. depending on the url one
will be asked to enter username and password and the other will not.

I was hoping this was going to be as easy as in the server.xml

<Host name="host1" appBase="webapps/files" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
                        <Alias>host1-rjgallac</Alias>
                        <Valve 
className="org.apache.catalina.valves.FastCommonAccessLogValve"
directory="logs"  prefix="owl_log." suffix=".txt" pattern="common"
resolveHosts="false"/>
                        <Context path="" 
docBase="${catalina.home}/webapps/files">
                                <Resources 
className="org.apache.naming.resources.FileDirContext"/>
                        </Context>
                </Host>
                <Host name="host2" appBase="webapps/files" unpackWARs="true"
autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
                        <Alias>host2-rjgallac</Alias>
                        <Context path="" 
docBase="${catalina.home}/webapps/files">
                                <Resources 
className="org.apache.naming.resources.FileDirContext"/>
                        </Context>
                </Host> 

and the web.xml

<security-constraint>
                <display-name>login to OWL</display-name>
                <web-resource-collection>
                        <web-resource-name>host</web-resource-name>
                        <url-pattern>/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>test</role-name>
                </auth-constraint>
        <security-role>
            <role-name>testusers</role-name>
        </security-role>   
        </security-constraint>
    
        <login-config>
                <auth-method>BASIC</auth-method>
        </login-config>


So the question is two hosts. One web app.  One protected the other not.  I
imagine I need two web.xml files to be able to achieve such a thing.

This did seem to work for a second but I think that was luck or caching or
something.  Its probably not possible to do such a thing.  My other option
is to put this in a build script to create two war files with two different
web.xml files.

Again, any help appreciated.
regards
Rob
-- 
View this message in context: 
http://old.nabble.com/one-webapp---two-security-constraints-tp27418280p27418280.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to