Re: Setting up server.xml

Tue, 13 Feb 2001 11:08:19 -0800 

"Ignacio J. Ortega" wrote:

>
>
> You need to read those ugly specs ( in
> http://java.sun.com/products/servlets ) to get your webapp security to
> work, JDBCRealm has nothing to do with web.xml, it's only a way to store
> usernames & passwords for a webapp, you need to configure your web.xml
> to see it in action... Please send your web.xml if you want some help
> with it ....
>
> Please check ( and understand ) the url
> http://localhost:8080/examples/jps/security to look at working example,
> look at the web.xml file of the examples webapp to look at a working
> config...

Thank you for recommendations! I'll read them.

When I make a request to the url mentioned above I get an authenication
form.
When I provide the username tomcat and password tomcat (role tomcat is
defined in tomcat-users.xml) I get an login error.

I have seen a some messages on this list there people have discussed this
issue.
They were talking about a context attribute setting to trusted=true in the
connection
with the manager webapp included in Tomcat 4.0 - b1 distribution.

But where to specify the Context if Tomcat is not used in standalone mode.

I tried to put a <Context> tag between <Engine> tags, but it resulted in
error
messages for WarpContext.

The web.xml file I used is here:
?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2_3.dtd">

<web-app>

  <taglib>
    <taglib-uri>
      XSLTAGS
    </taglib-uri>
    <taglib-location>
      /WEB-INF/xsl.tld
    </taglib-location>
  </taglib>

  <security-constraint>
    <display-name>Wap Security Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <url-pattern>/test/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>tomcat</role-name>
      <role-name>role1</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Wap Form-based Authentication Area</realm-name>
    <form-login-config>
      <form-login-page>/test/login/login.jsp</form-login-page>
      <form-error-page>/test/login/error.jsp</form-error-page>
    </form-login-config>
  </login-config>

</web-app>


>
>
> Saludos ,
> Ignacio J. Ortega


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]

Reply via email to