filnaly it done thanks 4 all On 2/3/06, David Delbecq <[EMAIL PROTECTED]> wrote: > > Everything that correspond to the security-constraint on your web.xml is > 'protected' and need authentification. > When you are authenticated, field request.getRemoteUser() is not null > anymore. > Be carefull, > > <url-pattern>/saraf/*</url-pattern> > > in security constraint mean the secure area is > http://<server>/saraf/saraf/* > > If your secure area is > http://<server>/saraf/protected/* > then the url pattern is /protected/* > > Prashant Saraf a écrit : > > >i think problem should be web.xml but still it gives following problem > >1)You are logged in as remote user *null* in session * > >2AD5AC97008551CE1EDD510E06AE6E1F > > > >*WHICH SHOULD NOT* > >* 2)how should tomcat know that protected is protected > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
-- Cup of Java + Suger of XML = Secure WebApp