In tomcat 6 I am bringing down the container when asking for confidential
RESOURCE. iS THERE A REASON FOR THIS?
CONTAINER AND RESOURCE WORK FINE LIKE THIS...
<security-constraint>
<web-resource-collection>
<web-resource-name>loggedInUser</web-resource-name>
<url-pattern>/pages/user/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>RegisteredUser</role-name>
</auth-constraint>
</security-constraint>
But fail when configured like this...
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminArea</web-resource-name>
<url-pattern>/pages/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
