File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes security-constrain and security-role Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "security-constrain and security-role" Watch "security-constrain and security-role" New topic
Author

security-constrain and security-role

Elinor Chang
Ranch Hand

Joined: Jul 30, 2003
Posts: 58
I am trying to config my tomcat to restrict the usage of POST method to any of my pages. I configure as the following in the web.xml
<security-constraint>
<display-name> Privileged user only </display-name>
<web-resource-collection>
<web-resource-name></web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>
Defines privileged user for this tomcat installation
</description>
<role-name>amdin</role-name>
</security-role>
It seems working but I got 'error' is a 500 and I am expecting a 404. There is the error massage
HTTP Status 500 - Configuration error: Cannot perform access control without an authenticated principal
Is there anything I did wrong?
Thanks
Elinor


The more I learn, the less I know....<br /> <br />SCJP2 <br />SCWCD
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: security-constrain and security-role