Re: integration between sslext and servlet auth

Mon, 01 Aug 2005 07:45:32 -0700 

This you do this is your struts config:

          <plug-in className="org.apache.struts.action.SecurePlugIn">
            <set-property property="httpPort" value="80"/>
            <set-property property="httpsPort" value="443"/>    
            <set-property property="enable" value="true"/>      
            <set-property property="addSession" value="true"/>          
          </plug-in>

There is also a Tomcat config for SSL.  Also, I didn't put my login.jsp (or 
whatever) in the special /WEB-INF/ directory.  Seems like it should work, but I 
would try something simple first i.e. /login.jsp.  Get it working off the ROOT 
them play around with the placement.



-----Original Message-----
From: Tremal Nailk <[EMAIL PROTECTED]>
Sent: Aug 1, 2005 7:06 AM
To: Struts Users Mailing List <[email protected]>
Subject: Re: integration between sslext and servlet auth

2005/7/29, Jim Kennedy <[EMAIL PROTECTED]>:
> I had to do this to make it work.

sorry, but it doesn't work, or better, it doesn't work for me . The
problem is that when I try to access a protected resource the
browser's request is redirected to the root of the app:

http://localhost:8080/myapp/

so the login page is displayed on a insecure channel. If I type
manually the complete url of the login page now it's displayed on a
secure channel, anyway:

http://localhost:8080/myapp/logon.jsp is redirected to
http://localhost:8443/myapp/logon.jsp 

But I,m sure I'd solve the problem if someone told me why I can't list
the contents of the WEB-INF folder. As an example: if I type

http://localhost:8080/myapp/jsp/

which is on the same level of WEB-INF I can see the directory listing.
If I type

http://localhost:8080/myapp/WEB-INF/

I get a 

HTTP Status 404: The requested resource (/myapp/WEB-INF/) is not
available. I'm deploying on a windows 2K machine (tomcat 5.0 jboss),
so I should not have reading permission

thanks in advance

-- 
TREMALNAIK

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to