Thursday, April 5, 2012

Basic authentication in Apache TomCat



1 .
Add :
     <security-constraint>
<web-resource-collection>
<web-resource-name>Wildcard means whole app requires authentication</web-resource-name>
  <!-- this will decide on what folder you need authentication /* means all folders or root dir give this path according to your requirement.-->
<url-pattern>/*</url-pattern>      
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<!-- rolename added in tomcat-user.xml-->
<role-name>authrole</role-name>
</auth-constraint>


<user-data-constraint>
<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>


At the end of the file : In your project web.xml which is generally found in :


/<YourProjectName>/WebContent/WEB-INF/web.xml



2.
And then add a role to tomcat-user.xml which is usually found in tomcat/config folder there you can add a line like :

<role rolename="authrole"/>
<user username="username" password="password" roles="authrole"/>



after doing above, deploy your project to tomcat and restart the tomcat for sure.  to see the effect so now if you will start your deployed project it will ask for the password.






No comments:

Post a Comment

Thank you for Commenting Will reply soon ......

Featured Posts

#Linux Commands Unveiled: #date, #uname, #hostname, #hostid, #arch, #nproc

 #Linux Commands Unveiled: #date, #uname, #hostname, #hostid, #arch, #nproc Linux is an open-source operating system that is loved by millio...