Friday, April 15, 2005

Adding Security to Tomcat Web Apps

  • Edit $CATALINA_HOME/conf/tomcat-users.xml
  • Make sure the user you want to use is there, with the role you want for your webapp
  • Now edit your application's web.xml, which is located in $CATALINA_HOME/webapps/YOURAPPLICATIONDIRECTORY/WEB-INF/web.xml
  • Add the following (I usually use just /* for url-pattern but you can get more specific):

    <!-- Define a Security Constraint on this Application -->
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>NAME OF YOUR APP GOES HERE</web-resource-name>
        <url-pattern>/*</url-pattern>
        <url-pattern>/html/*</url-pattern>
        <url-pattern>/list</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>ROLE FROM TOMCAT-USERS.XML</role-name>
      </auth-constraint>
    </security-constraint>

    <!-- Define the Login Configuration for this Application -->
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>YOUR REALM NAME GOES HERE, JUST MAKE ONE UP</realm-name>
    </login-config>

    <!-- Security roles referenced by this web application -->
    <security-role>
      <description>
        The role that is required to log in to this application
      </description>
      <role-name>ROLE FROM TOMCAT-USERS.XML</role-name>
    </security-role>

That's it...
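
A quick consistency check for the steps above, added here as an example and not part of the original post: it confirms that every role named in an auth-constraint is declared in a security-role and held by a user in tomcat-users.xml, and flags BASIC login without a CONFIDENTIAL transport-guarantee (the standard web.xml way to force HTTPS), since BASIC only base64-encodes the password. The role name, user name and password in the sample data are constructed placeholders.

```python
import xml.etree.ElementTree as ET

def _all(root, name):
    # Match on local name so namespaced (2.4+) and DTD-era web.xml both work.
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _texts(root, name):
    return {(e.text or "").strip() for e in _all(root, name)}

def check_webapp_security(web_xml, users_xml):
    """Return findings for a web.xml / tomcat-users.xml pair (both as strings)."""
    web, users = ET.fromstring(web_xml), ET.fromstring(users_xml)
    declared = set().union(*(_texts(sr, "role-name") for sr in _all(web, "security-role")))
    granted = {r.strip() for u in _all(users, "user")
               for r in u.get("roles", "").split(",") if r.strip()}
    basic = "BASIC" in _texts(web, "auth-method")
    constraints = _all(web, "security-constraint")
    findings = [] if constraints else ["no <security-constraint>: nothing is protected"]
    for sc in constraints:
        required = set().union(*(_texts(ac, "role-name")
                                 for ac in _all(sc, "auth-constraint"))) - {"*"}
        for role in sorted(required - declared):
            findings.append(f"role '{role}' is not declared in <security-role>")
        for role in sorted(required - granted):
            findings.append(f"role '{role}' is held by no user in tomcat-users.xml")
        if basic and "CONFIDENTIAL" not in _texts(sc, "transport-guarantee"):
            findings.append("BASIC without CONFIDENTIAL transport-guarantee: "
                            "credentials are only base64-encoded on the wire")
    return findings

# Constructed sample inputs: the auth-constraint misspells the role ("appusers").
SAMPLE_USERS = """<tomcat-users>
  <role rolename="appuser"/>
  <user username="alice" password="CHANGE_ME" roles="appuser"/>
</tomcat-users>"""

SAMPLE_WEB = """<web-app>
  <security-constraint>
    <web-resource-collection><url-pattern>/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>appusers</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>appuser</role-name></security-role>
</web-app>"""

if __name__ == "__main__":
    for finding in check_webapp_security(SAMPLE_WEB, SAMPLE_USERS):
        print("-", finding)
```

An empty result means the roles line up and the constraint requires an encrypted connection.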
