I am testing web resource form-based authentication. I have created a dummy jsp page "Details.jsp" and have created the following nodes in web.xml:
<security-constraint> <web-resource-collection> <web-resource-name>SecurePages</web-resource-name> <url-pattern>Details.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>EditUsers</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <description>Users who can edit</description> <role-name>EditUsers</role-name> </security-role> I have created a "EditUsers" role in tomcat-users.xml. But when I access "Details.jsp", I am redirected to the Netscape search page !!! I am able to access the login and error.jsp pages fine. Any ideas ? -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>