开发者

Disabling basic authentication?

How can i disable basic authentication in websphere 6.1? I have written example servelet In my war application i have defined something like this:

 <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>
    </security-const开发者_StackOverflow社区raint>
    <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>Example login/realm-name>
    </login-config>



    <servlet-mapping>
        <servlet-name>ExampleServelet</servlet-name>
        <url-pattern>/*</url-pattern>
    </servlet-mapping>

Now from UI any one with the http://server/example/* can authenticate and there wont be any logout for basic authentication.

How can i disable this avoid this situation?Due to some reason i cant use form based authentication?


@constantlearner: your question is vague. Do you want to disable authentication for whole application or just for a particular url-pattern.

for a particular url-pattern: just don't specify that in web-resource-collection tag. for whole application, u can go to WAS console-> secure administration--> uncheck "enable application security" checkbox and restart app.


Or if you want to be more specific with your authentication you can change your URL pattern:

 <url-pattern>/justServletNeedingAuthentication</url-pattern>
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜