Second time I posted this, and no one bothered to answer, but I
found the solution on my own.

Use a Location directive in the httpd.conf. My webapp name is stuff,
so I use the following:

<Location /stuff/>
AuthType Basic
AuthName "whatever"
AuthUserFile "/usr/local/apache2/conf/passwd"
require valid-user
</Location>

MUCH simpler than trying to set it up in Tomcat.


---- Tomcat Users List <tomcat-user@(protected):
> I want apache to do basic authentication for my tomcat servlets.
> I only want Tomcat to manage servlets - NO authorization.
>
> How do I tell apache to do basic authentication when a servlet
> is accessed??? I tried protecting the servlet directory in httpd.conf.
> Help!
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
> For additional commands, e-mail: tomcat-user-help@(protected)
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)