I am testing web resource form-based authentication. I have created a
dummy jsp page "Details.jsp" and have created the following nodes in
web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<url-pattern>Details.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>EditUsers</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Users who can edit</description>
<role-name>EditUsers</role-name>
</security-role>
I have created a "EditUsers" role in tomcat-users.xml.
But when I access "Details.jsp", I am redirected to the Netscape search
page !!! I am able to access the login and error.jsp pages fine.
Any ideas ?
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
