Using Tomcat's HTTP Authentication
The simplest way to protect Web resources is by making use of Tomcat's built-in authentication feature. A server administrator specifies the resources to be protected as well as the group or groups of users that can access them.
When a user tries to access a protected resource, the server challenges the user by opening a user-ID/password dialog. The user must then furnish this information and send it back to the server. The values supplied by the user are matched against those stored in a user data store. If they match, the user is allowed to access the resource; otherwise, the user is challenged with the dialog again.
Specifying User Information in Tomcat
Tomcat stores and uses user information ...
Get Java Server Pages from scratch now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.