Thank for your reply
In the mean time I did some steps a head
In web.xml I add the next lines:
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Sample</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>your-role</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Sample</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Manager Application
</description>
<role-name>your-role</role-name>
</security-role>
And now tomcat tell me login and password.
if the user is authenticated tomcat tell me the next message:
[SampleLoginModule] user entered user name: testUser
[SampleLoginModule] user entered password: testPassword
[SampleLoginModule] authentication succeeded
[SampleLoginModule] added SamplePrincipal to Subject
but in my browser I found the next error:
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested
resource has been denied) has been forbidden.
I think that this error is due by a wrong role but I don't know how to send
tomcat a right role that in this case is "your-role"
Thank's in advance
--
View this message in context:
http://www.nabble.com/tomcat5-and-jaas-tp18831242p18831826.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
