Hi All, I have an issue with allowing access to a page which is secured using active directory authentication. I want some pages/content to be excluded from this. Following is my web.xml file under conf of tomcat.
[code=java] <security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <--! These are the groups in AD --> <role-name>Engineering</role- name> <role-name>Migration Expert</role-name> <role-name>Developers</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <url-pattern>/update/*</url-pattern> </web-resource-collection> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Services Portal</realm-name> </login-config> [/code] As per my understanding, this should allow url's with a content "update" and allow other pages only with AD credentials. But this is not working for me now. Its asking for the credentials even for the url with "update". Tomcat Version:7 Env:Linux Url:http://myserver.com:8080/solar/index.jsp. Here its asking the credentials, its fine and as expected. url with "update" in the address: http://myserver.com:8080/solar/site/update. When I access this url, its still asking for the credentials. I am not really sure why this is happening. Could anyone here can help me on this? -- Thanks, Regards, Rahul R