Saturday, May 3, 2003 03:35 PM
To password protect your pages you can use
a realm, please referer at the documentation
on tomcat project site for detailed info, also on web
there are many how-to, read them.
However to give you a point of start..
Once you've defined a realm resource(as the tomcat-users.xml or a your own
jdbc realm) in server.xml,
you have to modify the web.xml file of your application
here's a sample for adding basic realm support (Form authentication is quite similar, look at docs)
Link to the UserDatabase instance from which we request lists of defined role names.
Your Realm Name
The role that is required to log in to the Manager Application
For allowing only https connections, assuming you've already activated ssl support
(if not please look at docs for how to do it)
to your web.xml file and change the url-pattern to
match the directory you want to access only via https.
Please, keep in mind that attributes definition order in web.xml
All attributes are optional but defining in the wrong place may prevent
your application to act as you want.
Hope this helps.