I recently created an API using Spring Boot which I deployed to Tomcat. For now, I have a single endpoint that I am trying to hit using Postman. I have modified the server's web.xml and tomcat-users.xml files according to this article.
web.xml
<init-param>
<param-name>readonly</param-name>
<param-value>false</param-value>
</init-param>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>MyApp</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>MyApp</realm-name>
</login-config>
<security-role>
<description>Role for restricted resources</description>
<role-name>admin</role-name>
</security-role>
tomcat-users.xml
<user name="admin" password="admin" roles="admin" />
I am then using the same credentials using basic authentication in Postman (user: admin, password: admin). But I still get this HTTP 403 error. I am not sure what I am doing wrong. Is the name of the app the name of the JAR or is it the name of the app inside the POM?
