Hi,
I am not sure where you are seeing the quoted message - on the browser? or in the domains/domain1/server.log?
For BASIC authentication, all you need to do is the following 3 simple steps:
1) Have the resources protection declaration - use <security-contraint>, login method in <login-config> and security roles - <security-role> in web.xml.
2) Have the security role mapping in sun-web.xml (mainly for authorization).
3) Create the users - use asadmin or admin console to create file users.
I am attaching the sample web.xml and sun-web.xml for your reference. If you can't resolve your issue, please include your .war file in the post.
Hope this helps.
[Message sent by forum member 'jagadesh' (jagadesh)]
http://forums.java.net/jive/thread.jspa?messageID=235449