Search code examples
javajspauthenticationtomcatbasic-authentication

Trouble adding Basic Authentication

I'm running tomcat 6 and using jsp , trying to have a login page on my site which uses tomcat BASIC , I followed this and other tutorials http://www.jguru.com/faq/view.jsp?EID=239670 but still no luck ....Would anyone be able to tell me explicitly what to do? I Know form based is better but I have to use basic, thanks

The status 500 error being thrown is as follows

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception 

    javax.servlet.ServletException: 

    java.lang.NoClassDefFoundError:org/apache/jasper/compiler/ErrorDispatcher
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:268)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)

root cause 

    java.lang.NoClassDefFoundError: org/apache/jasper/compiler/ErrorDispatcher
org.apache.jasper.compiler.Compiler.compile(Compiler.java:350)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:334)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:321)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:592)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)

note The full stack trace of the root cause is available in the Apache Tomcat/6.0.35 logs.

Solution

  • In your web.xml you need at least:

       <security-role><role-name>member</role-name></security-role>
   <security-role><role-name>admin</role-name></security-role>

   <login-config>
    <auth-method>BASIC</auth-method>
   </login-config>

   <security-constraint>
    <web-resource-collection>
        <web-resource-name>For Members and Admin Only</web-resource-name>
        <description>This Description is Optional</description>
        <url-pattern>/Examples/protected/*</url-pattern>
    </web-resource-collection>

    <auth-constraint>
        <role-name>admin</role-name>
        <role-name>member</role-name>
    </auth-constraint>

   </security-constraint>

    In your tomcat-users.xml you need something like:

      <role rolename="member"/>
  <role rolename="admin"/>
  <user username="ricky" password="rrrrr" roles="admin,member"/>