The moose likes Servlets and the fly likes servlet security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "servlet security" Watch "servlet security" New topic

servlet security

Ondrej Babuljak

Joined: Mar 11, 2005
Posts: 8
I want to secure several of my servlets by using declarative security. I use WSAD 5 for development and I deploy to WAS 5.1. The configuration which I show below works properly in test environment in WSAD but fails on WAS.
The servlets that I want to secure have .sec extension. The important parts from web.xml are:


The problem is, that WAS doesn't require authentication when I request the Process.sec (or any other .sec servlet)
Any ideas?
Thanks a lot, Ondra
David O'Meara

Joined: Mar 06, 2001
Posts: 13459

I haven't done any web app development since WAS4, but I know enough to be sure this needs to go to the IBM/Websphere forum.

I agree. Here's the link:
subject: servlet security
It's not a secret anymore!