On 18/08/2010 10:44, K A wrote: > > Hello > > I've developed a web-application in which I'd like to have some control of > which resources are accessed by whom. My project is called "Server" in which > I've got 3 directories: "/user" which all roles are allowed to access, > "/admin" which ONLY administrators are allowed to access and "resources" in > which I've got some files which users are allowed to read and administrators > are allowed to both read and write. > > I'm using a FORM to login. The form action is "POST" and the action is > "j_security_check", the username field's name is "j_username" and the > password field's is "j_password". > I've implemented a security-check in the jsp-file itself where I'm checking > for the type of login the current user has. If the type is aproved then the > user is allowed to access the page. > > But when I test the application and try to access the files in the other > library then I've got access no matter what. This wasn't the intension. > > I've tried to follow several tutorials online but no matter what I can't get > it to work ouf the right way. > > I've tried to configure the web.xml manually but it doesn't work. I've tried > to use the "manager" through the browser but that doesn't seem to deliver the > possibility to setup those restriction.
What have you tried? > Can somebody please give me a detailed walkthrough on how to achieve this? > > I'm using TomCat 6.0, JVM 1.5.0_20 SUN and Windows XP 5.1.Thankyou very much > in advance! Why do people think it's called 'TomCat'? It's *Tomcat*. p > Best regards, > Kenneth Andersen > k_k_ander...@hotmail.com >
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature