Borrowing from another web.xml (solr's), I added this to my web.xml:
<resource-env-ref>
<description>
Link to the UserDatabase instance from which we request lists of
defined role names. Typically, this will be connected to the global
user database with a ResourceLink element in server.xml or the context
configuration file for the Manager web application.
</description>
<resource-env-ref-name>users</resource-env-ref-name>
<resource-env-ref-type>
org.apache.catalina.UserDatabase
</resource-env-ref-type>
</resource-env-ref>
<security-constraint>
<web-resource-collection>
<web-resource-name>Monitor</web-resource-name>
<url-pattern>/Monitor/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm>UserDatabase</realm>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
But I'm still getting through without having to authenticate. Is there
something that I'm missing, or am I going about this all wrong?
Thanks!
-- Chris
On Mon, Jan 10, 2011 at 1:45 PM, Mark Thomas <ma...@apache.org> wrote:
> On 10/01/2011 18:43, Christopher Gross wrote:
> > I added the security role:
> > MemoryRealm mr = new MemoryRealm();
> > mr.setPathname(path + "/conf/tomcat-users.xml");
> > Context sp = embedded.createContext("/Monitor", path +
> > "/webapps/monitor");
> > sp.setRealm(mr);
> > sp.addSecurityRole("admin");
> > host.addChild(sp);
> >
> > Is there anything else that I need to do for the Context?
>
> You need to set up some security constraints in web.xml
>
> Mark
>
> >
> > -- Chris
> >
> >
> > On Mon, Jan 10, 2011 at 1:37 PM, Mark Thomas <ma...@apache.org> wrote:
> >
> >> On 10/01/2011 18:16, Christopher Gross wrote:
> >>> I created a MemoryRealm object, pointed it to my tomcat-users.xml file,
> >>> added that realm to the embedded (no luck) and to the specific context
> >> (no
> >>> luck either). For both, it just plain loads the page -- doesn't ask me
> >> to
> >>> do any type of logging in.
> >>>
> >>> Are you just using your own experience to help me, or are you aware of
> >> any
> >>> documentation that I could peruse, instead of lobbing questions at you
> a
> >> few
> >>> times a day? :)
> >>
> >> Have you configured your app to require authentication? IF not the realm
> >> will never be used.
> >>
> >> Mark
> >>
> >>>
> >>> -- Chris
> >>>
> >>>
> >>> On Mon, Jan 10, 2011 at 12:48 PM, Pid <p...@pidster.com> wrote:
> >>>
> >>>> Can you not create a org.apache.catalina.realms.MemoryRealm and set
> the
> >>>> path to the xml file?
> >>>>
> >>>>
> >>>> p
> >>>>
> >>>>
> >>>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >>
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
