aspose file tools
The moose likes Tomcat and the fly likes security-constrain and security-role Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Reply Bookmark "security-constrain and security-role" Watch "security-constrain and security-role" New topic
Author

security-constrain and security-role

Elinor Chang
Ranch Hand

Joined: Jul 30, 2003
Posts: 58
posted private message
0
Quote
I am trying to config my tomcat to restrict the usage of POST method to any of my pages. I configure as the following in the web.xml
<security-constraint>
<display-name> Privileged user only </display-name>
<web-resource-collection>
<web-resource-name></web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>
Defines privileged user for this tomcat installation
</description>
<role-name>amdin</role-name>
</security-role>
It seems working but I got 'error' is a 500 and I am expecting a 404. There is the error massage
HTTP Status 500 - Configuration error: Cannot perform access control without an authenticated principal
Is there anything I did wrong?
Thanks
Elinor

The more I learn, the less I know....<br /> <br />SCJP2 <br />SCWCD
 
 
subject: security-constrain and security-role
 
Threads others viewed
Login Session Time out
Realm question
Declarative security
Adding users and roles
Tips on form-based authetication
developer file tools