Hi !
I have a folder I would like to secure by a password on my Tomcat Server.
On this server, I have Liferay 6 CE and I created a folder "/html/admin" on the Liferay's root folder.
I added a user in tomcat-users.xml and I've been told
here that I should add some lines in the web.xml of my application (Liferay in my case).
I'd like to reproduce the behavior we can have with a .htaccess on Apache.
The problem :
When I added the following lines in Liferay's web.xml, the app is not working.
I think the problem comes from the fact that there is already some security constraints in the file, but I don't know how to do what I want : securing /html/admin files by a password without breaking all the Liferay default's configuration.
Here are the lines I added in the web.xml file (between <web-app> tags) :
Code:
<security-constraint>
<web-resource-collection>
<web-resource-name>Ressource</web-resource-name>
<url-pattern>/html/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin Liferay pages</realm-name>
</login-config>
<security-role>
<description>Securing /html/admin/</description>
<role-name>admin</role-name>
</security-role>
Can you help me ?
Thanks !
Pit