<display-name>My First Application Security Constraint</display-name>
<web-resource-name>First App Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<!-- If you list http methods, only those methods are protected -->
<!-- Anyone with one of the listed roles may access this area -->
<!-- Security roles referenced by this web application -->
I assume something must be put in the server.xml but im not sure what.
Here is what I have....
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<!-- <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
userRoleTable="RolesTable" roleNameCol="Role Name"/>
userTable="Contacts" userNameCol="E-mail Address" userCredCol="Last Name"/>
What am I missing??? I have placed the sqljdbc.jar file in the tomcat/lib directory. Tomcat accepts
the file by starting the application. I am using form based authentication. I have basically used the
tomcat form example which includes other stuff that needs to be used to authenticate the app. If you
look at the web.xml you can see that access to the app will only take place by accessing the login
form. Then it will access any form on the web app. The form continually loops if it does not find an