Massimo Caliman
by Massimo Caliman
~1 min read


  • Java

To set up basic authentication in a java application in tomcat, we can only intervene in two files

In tomcat-users.xml setting, where we will configure the users.

<!--?xml version='1.0' encoding='utf-8'?-->
<role rolename="tomcat">
<role rolename="role1">
<user password="tomcat" roles="tomcat" username="tomcat">
<user password="tomcat" roles="role1" username="role1">
<user password="tomcat" roles="tomcat,role1" username="both">

While in the web.xml file of our application, we add the lines as below.

<!--?xml version="1.0" encoding="ISO-8859-1"?-->  
<!-- Define a Security Constraint on this Application -->
<web-resource-name>Entire Application</web-resource-name>      

<!-- Define the Login Configuration for this Application -->

<!-- Security roles referenced by this web application -->
The role that is required to log in to the Manager Application