Thanks Christopher for the quick reply. Pls, see my answer to your
questions below:
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Shilpa,
Shilpa Arora wrote:
<security-constraint>
<web-resource-collection>
<web-resource-name>register-ucr</web-resource-name>
<url-pattern>/pages/about.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>register-ucr</realm-name>
</login-config>
This configuration looks okay.
When we try to access the page we give in <url-pattern>, we get an error
in IE, error 404: file not found.
Where is your file? Is it possible that your file is in the wrong place?
Is the 404 error being returned by Tomcat or are you using Apache httpd
to serve static pages?
The file is in at correct place as page shows up fine if no security
constraint is used and we are NOT using httpd to serve static pages.
And when we simply give
*<url-pattern>/*</url-pattern>* , strange thing is it doesn't prompt for
the user name and just shows us the page directly with no error as if
there was no change.
Once you login once with BASIC authentication, you are basically logged
in until you close your browser. Have you tried that? Or, use a
different browser or another separate instance of MSIE in order to test?
I know that I've made similar mistakes when testing this kind of
thing... the browser and server agree that you /are/ logged-in, but you
don't think you should be.
We tried closing the browser and reopening and also tried using a
separate instance of MSIE. We have been trying with both Mozilla and MSIE.
We also made change in server.xml of tomcat. Where we commented the
UserDatabaseRealm reference and uncommented the MemoryRealm reference.
The choice of realm should not matter (assuming that the allowed users
are the same). Once you are logged-in using BASIC auth, changing the
realm won't affect anything (since you are already logged-in).
But when do we actually login with the BASIC auth. It never prompted us
for anything.
In our application, we are using Struts as well.
Struts should not be interfering, here. As you pointed out, you are
trying to serve a static file (about.html), so Struts should not be
involved.
its a struts application and about.html is one static page we tried
thinking it would be a base case to get working first.
- -chris
Thanks for your help.
Regards,
Shilpa
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFsRHB9CaO5/Lv0PARAji5AJ92i0i316q2U7uvMl/qglN6UiCRUQCfXeT5
o4MkaZfjF6ZTJIt4/Gx1lTM=
=Z9ZD
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
