That did it! Thanks Mark & Pid. Now to make it more complicated -- in order to have another page without that restriction, would I need to make a whole new webapp, or can I turn down the security for a specific page?
Thanks! -- Chris On Mon, Jan 10, 2011 at 2:18 PM, Pid <[email protected]> wrote: > On 1/10/11 6:58 PM, Christopher Gross wrote: > > Borrowing from another web.xml (solr's), I added this to my web.xml: > > > > <resource-env-ref> > > <description> > > Link to the UserDatabase instance from which we request lists of > > defined role names. Typically, this will be connected to the > global > > user database with a ResourceLink element in server.xml or the > context > > configuration file for the Manager web application. > > </description> > > <resource-env-ref-name>users</resource-env-ref-name> > > <resource-env-ref-type> > > org.apache.catalina.UserDatabase > > </resource-env-ref-type> > > </resource-env-ref> > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>Monitor</web-resource-name> > > <url-pattern>/Monitor/*</url-pattern> > > <http-method>GET</http-method> > > <http-method>POST</http-method> > > </web-resource-collection> > > <auth-constraint> > > <role-name>admin</role-name> > > </auth-constraint> > > </security-constraint> > > > > <!-- Define the Login Configuration for this Application --> > > <login-config> > > <auth-method>BASIC</auth-method> > > <realm>UserDatabase</realm> > > </login-config> > > > > <security-role> > > <role-name>admin</role-name> > > </security-role> > > > > But I'm still getting through without having to authenticate. Is there > > something that I'm missing, or am I going about this all wrong? > > If 'Monitor' is the name of your Context/webapp, the above means: > > /Monitor/Monitor/* > > Try: > > <url-pattern>/*</url-pattern> > > instead. > > > p > > > > > Thanks! > > > > -- Chris > > > > > > On Mon, Jan 10, 2011 at 1:45 PM, Mark Thomas <[email protected]> wrote: > > > >> On 10/01/2011 18:43, Christopher Gross wrote: > >>> I added the security role: > >>> MemoryRealm mr = new MemoryRealm(); > >>> mr.setPathname(path + "/conf/tomcat-users.xml"); > >>> Context sp = embedded.createContext("/Monitor", path + > >>> "/webapps/monitor"); > >>> sp.setRealm(mr); > >>> sp.addSecurityRole("admin"); > >>> host.addChild(sp); > >>> > >>> Is there anything else that I need to do for the Context? > >> > >> You need to set up some security constraints in web.xml > >> > >> Mark > >> > >>> > >>> -- Chris > >>> > >>> > >>> On Mon, Jan 10, 2011 at 1:37 PM, Mark Thomas <[email protected]> wrote: > >>> > >>>> On 10/01/2011 18:16, Christopher Gross wrote: > >>>>> I created a MemoryRealm object, pointed it to my tomcat-users.xml > file, > >>>>> added that realm to the embedded (no luck) and to the specific > context > >>>> (no > >>>>> luck either). For both, it just plain loads the page -- doesn't ask > me > >>>> to > >>>>> do any type of logging in. > >>>>> > >>>>> Are you just using your own experience to help me, or are you aware > of > >>>> any > >>>>> documentation that I could peruse, instead of lobbing questions at > you > >> a > >>>> few > >>>>> times a day? :) > >>>> > >>>> Have you configured your app to require authentication? IF not the > realm > >>>> will never be used. > >>>> > >>>> Mark > >>>> > >>>>> > >>>>> -- Chris > >>>>> > >>>>> > >>>>> On Mon, Jan 10, 2011 at 12:48 PM, Pid <[email protected]> wrote: > >>>>> > >>>>>> Can you not create a org.apache.catalina.realms.MemoryRealm and set > >> the > >>>>>> path to the xml file? > >>>>>> > >>>>>> > >>>>>> p > >>>>>> > >>>>>> > >>>>> > >>>> > >>>> > >>>> --------------------------------------------------------------------- > >>>> To unsubscribe, e-mail: [email protected] > >>>> For additional commands, e-mail: [email protected] > >>>> > >>>> > >>> > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [email protected] > >> For additional commands, e-mail: [email protected] > >> > >> > > > >
