I looked for in this forum for the following message:
Http Status 400 : Invalid direct reference to form login page
I found some reply, but I did not obtain to decide my problem.
Where I can find a skill simple to implement a security in my application being
used struts and JAAS. It follows below some definitions made in my application:
login-config:
<application-policy name="siwcc">
<login-module code="org.jboss.security.ClientLoginModule"
flag="required"/>
<login-module code="siwcc.util.MyLdapLoginModule"
flag="required"></login-module>
</application-policy>
web.xml
<login-config>
<auth-method>FORM</auth-method>
<realm-name>siwcc</realm-name>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/loginInvalido.jsp</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminPages</web-resource-name>
Administrator-only pages
<url-pattern>/sistema/jsp/inicio.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>WCC0001</role-name>
<role-name>WCC0002</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
jboss-web.xml
<jboss-web>
<context-root>siwcc</context-root>
<security-domain>java:/jaas/siwcc</security-domain>
</jboss-web>
login.jsp
<input type="text" name="j_username"
<input type="text" name="j_password"
jboss/server/default/conf/auth.conf
siwcc {
required;
org.jboss.security.ClientLoginModule required;
};
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3952140#3952140
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3952140
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
