Autenticação no WebSphere 6.0 (RAD) e Tomcat

Programação Java
#1

Olá pessoal, estou quebrando a cabeça para colocar autenticação no meu projeto Web. Se alguém puder me ajudar vou ficar muito feliz… :wink:

Meu web.xml esta assim:

 <security-constraint>
  	<web-resource-collection>
  		<web-resource-name>TodoSite</web-resource-name>
  		<description></description>
  		<url-pattern>/*</url-pattern>
  		<http-method>
  		GET</http-method>
  		<http-method>
  		HEAD</http-method>
  		<http-method>
  		POST</http-method>
  	</web-resource-collection>
  	<auth-constraint>
  		<description></description>
  		<role-name>TodosAutenticados</role-name>
  	</auth-constraint>
  </security-constraint>
  
  <login-config>
  	<realm-name>Intranet</realm-name>
  </login-config>
  <security-role>
  	<description></description>
  	<role-name>TodosAutenticados</role-name>
  </security-role>

Para o WebSphere eu alterei o arquivo xml do EAR e ficou da seguinte forma:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.2//EN" "http://java.sun.com/j2ee/dtds/application_1_2.dtd">
<application id="Application_ID">
	<display-name>testeEAR</display-name>
	<module id="WebModule_1356529950470">
		<web>
			<web-uri>testes.war</web-uri>
			<context-root>teste</context-root>
		</web>
	</module>
	<security-role id="SecurityRole_1356532077855">
		<description>TodosAutenticados</description>
		<role-name>TodosAutenticados</role-name>
	</security-role>
</application>

E quando eu subo o servidor e digito a url não aparece a tela de autenticação(declarativa), entra direto na aplicação. Alguém fez isso no Tomcat ou WebSphere?

#2

Pessoal consegui aplicar no tomcat, abaixo a solução:

tomcat-user.xml

<?xml version="1.0" encoding="UTF-8"?>

  <role rolename="TodosAutenticados"/>
  <user username="6304478" password="123" roles="TodosAutenticados"/>
</tomcat-users>

server.xml - dentro de Engine

      <Realm className="org.apache.catalina.realm.MemoryRealm"/>

web.xml

	<security-constraint>
		<web-resource-collection>
			<web-resource-name>TodoSite</web-resource-name>
			<description></description>
			<url-pattern>/*</url-pattern>
			<http-method>GET</http-method>
			<http-method>PUT</http-method>
			<http-method>HEAD</http-method>
			<http-method>POST</http-method>
			<http-method>DELETE</http-method>
		</web-resource-collection>
		<auth-constraint>
			<description></description>
			<role-name>TodosAutenticados</role-name>
		</auth-constraint>
		<user-data-constraint>
			<transport-guarantee>NONE</transport-guarantee>
		</user-data-constraint>
	</security-constraint>
	<login-config>
		<auth-method>BASIC</auth-method>
		<realm-name>Intracorp</realm-name>
	</login-config>
	<security-role>
		<description></description>
		<role-name>TodosAutenticados</role-name>
	</security-role>

Valeu…

#3