Instructions for enabling password protection of cargo-jetty-7-and-onwards-deployer.war are incomplete


cargo-jetty-7-and-onwards-deployer.war ships with no password protection. Instructions for enabling security are documented here:

The instructions say to "Uncomment the part of web.xml that says Uncomment in order to activate security."

The instructions don't mention that you must also add stuff to jetty-web.xml. I added this, to enable password protection:


S. Ali Tokmen
January 13, 2016, 7:53 AM

Hi Todd

In that documentation it is assumed the security realm would be configured on a server level, and not webapp level - That's what Jetty called "globally scoped security realm" in

What do you think is best? Shall we mention this and give a link or make a more complex example?

Thank you

Todd Hivnor
January 13, 2016, 5:08 PM

The link you provided about how to define a security realm is great. It is the missing clue, in Jetty+Remote+Deployer.html

I would recommend just adding a new step to Jetty+Remote+Deployer.html:

4. Define a security realm. This can be per-webapp or global. See

S. Ali Tokmen
January 13, 2016, 7:14 PM

Hi Todd

Thanks is now updated, but it will have to be rendered first so that'll take time to become public.



S. Ali Tokmen


Todd Hivnor


Fix versions

Affects versions