Re: j_security_check

Mon, 11 Jun 2001 05:52:41 -0700 

Hi Mark,

I send you attached the parts of mod_jk.conf , web.xml which works for
me;
belonging to directory structure 
c:\tomcat\webapps\tute6\form\protected.jsp
c:\tomcat\webapps\tute6\secure\login.jsp & error.html
c:\tomcat\webapps\tute6\WEB-INF\web.xml

set  <Logger name="tc_log" 
            verbosityLevel = "DEBUG"
            path="logs/tomcat.log"/> 

in your server.xml so you can see if there are any mod_jk errors while
invoking tomcat.

Hth

Peter
ÿþ# The following line makes apache aware of 
the location of the /tute6 context

#

Alias /tute6 "C:/tc/webapps/tute6"

<Directory "C:/tc/webapps/tute6">

    Options Indexes FollowSymLinks

</Directory>



#

# The following line mounts all JSP files 
and the /servlet/ uri to tomcat

#

JkMount /tute6/servlet/* ajp13

JkMount /tute6/*.jsp ajp13

JKMount /tute6/form/*.jsp ajp13

JKMount /tute6/secure/j_security_check 
ajp13

#

# The following line prohibits users from 
directly accessing WEB-INF

#

<Location "/tute6/WEB-INF/">

    AllowOverride None

    deny from all

</Location>

#

# Use Directory too. On Windows, Location 
doesn't work unless case matches

#

<Directory "C:/tc/webapps/tute6/WEB-INF/">

    AllowOverride None

    deny from all

</Directory>



#

# The following line prohibits users from 
directly accessing META-INF

#

<Location "/tute6/META-INF/">

    AllowOverride None

    deny from all

</Location>

#

# Use Directory too. On Windows, Location 
doesn't work unless case matches

#

<Directory 
"C:/tc/webapps/tute6/META-INF/">

    AllowOverride None

    deny from all

</Directory>



#######################################################


# Auto configuration for the /tute6 
context ends.

#######################################################



<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd";>

<web-app>
   
   <security-role>
       <role-name>tomcat</role-name>
   </security-role>

  <servlet>
       <servlet-name>protect</servlet-name>
      <jsp-file>/form/protected.jsp</jsp-file>
  <!--    <load-on-startup>0</load-on-startup>    -->
       <security-role-ref>
          <role-name>TESTAPPROLE</role-name>   
          <role-link>tomcat</role-link>
       </security-role-ref> 
   </servlet>  

   
   <servlet-mapping>
      <servlet-name>tute6</servlet-name>
      <url-pattern>/tute6/servlet/*</url-pattern>
   </servlet-mapping> 

   <security-constraint>
      <web-resource-collection>
         <web-resource-name>My Protected Area</web-resource-name>
         <url-pattern>/form/*</url-pattern>
         <http-method>DELETE</http-method>
         <http-method>GET</http-method>
         <http-method>POST</http-method> 
         <http-method>PUT</http-method>
      </web-resource-collection>
      <auth-constraint>
         <role-name>tomcat</role-name>
      </auth-constraint>
   </security-constraint>
   
   <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>Form Based Authentication</realm-name>
   <form-login-config>
      <form-login-page>/secure/login.jsp</form-login-page>
      <form-error-page>/secure/error.html</form-error-page>
      </form-login-config> 
   </login-config> 

</web-app>

Reply via email to