How can I add an email id to auth instead of adding a whole group? Is that possible? I don't want to give the access to all the members of the groups in the AD. Following is the web.xml of my tomcat.
<security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <--! These are the groups in AD --> <role-name>Engineering</role- name> <role-name>Migration Expert</role-name> <role-name>Developers</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <url-pattern>/update/*</url-pattern> </web-resource-collection> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Services Portal</realm-name> </login-config> On Thu, Jun 14, 2012 at 8:00 PM, Pid <p...@pidster.com> wrote: > On 14/06/2012 15:06, Rahul R wrote: > > Hi All, > > > > I have an issue with allowing access to a page which is secured using > > active directory authentication. I want some pages/content to be excluded > > from this. Following is my web.xml file under conf of tomcat. > > > > > > [code=java] > > > > <security-constraint> > > <web-resource-collection> > > <web-resource-name>Protected > > Area</web-resource-name> > > <url-pattern>/*</url-pattern> > > </web-resource-collection> > > > > <auth-constraint> > > <--! These are the groups in AD --> > > <role-name>Engineering</role- > > name> > > <role-name>Migration Expert</role-name> > > <role-name>Developers</role-name> > > > > </auth-constraint> > > </security-constraint> > > > > <security-constraint> > > <web-resource-collection> > > <url-pattern>/update/*</url-pattern> > > </web-resource-collection> > > </security-constraint> > > > > <login-config> > > <auth-method>BASIC</auth-method> > > <realm-name>Services Portal</realm-name> > > </login-config> > > > > [/code] > > > > As per my understanding, this should allow url's with a content "update" > > and allow other pages only with AD credentials. But this is not working > for > > me now. Its asking for the credentials even for the url with "update". > > > > Tomcat Version:7 > > Env:Linux > > Url:http://myserver.com:8080/solar/index.jsp. Here its asking the > > credentials, its fine and as expected. > > > > url with "update" in the address: > http://myserver.com:8080/solar/site/update. > > When I access this url, its still asking for the credentials. > > This: > /solar/site/update > > does not match this pattern: > <url-pattern>/update/*</url-pattern> > > > the pattern would have to be: > <url-pattern>/site/update/*</url-pattern> > > > p > > > I am not really sure why this is happening. Could anyone here can help me > > on this? > > > > > > > -- > > [key:62590808] > > -- Thanks, Regards, Rahul R .~. /V\ // \\ /( )\ ^`~'^ Mob: 09008030921