I am trying to implement JAAS as an authentication and authorization service for my web application. I am using tomcat 6.0.20 server and mysql as database. I have read many articles on how to implement JAAS, infact have implemented it in a stand alone application where I am passing "java.security.auth.login.config" parameter as argument pointing to the jaas.config file.
For my web application , following this link, I added JAAS realm in server.xml but instead of providing authentication for specific application it is asking for authentication for Tomcat manager application when I am trying to run the application. How can I avoid this? Also which file should I add this -Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas.config ?
The authentication should happen when I am submitting username and password on my login page.
Appreciate your help!!