configuring security in Tomcat
Hi Guys,
I have declarative security for my application. When ever I go to a restricted page using Tomcat I go straight there without being propmted for a username and password. Am I doing somthing wrong in my web.xml? web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>CheckUsers</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-contraint>
<role-name>test</role-name>
</auth-contraint>
<user-data-constraint>CONFIDENTIAL</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerror.jsp</form-error-page>
</form-login-config>
</login-config>
could someone please advise?
Thanks and Regards
Adz - Its all about the JSPs baby!
__________________
Adz - Learning The J2EE Ways.
|