Wednesday, January 8, 2003 06:43 PM
You'll also want to look in your examples/WEB-INF folder to see web.xml. It has the security-constraint
deployment descriptors and their related elements that are part of the authentication model. This is part of telling the container which resources to "protect". When you submit the form above, Tomcat will look in /$CATALINA_HOME/conf/tomcat-users.xml
(default location) to verify the username and password combination.
This is a broad topic and the information given above is very basic. To learn more about Tomcat security and how to configure it:
» Tomcat Security Docs
» Tomcat Security Realms