This looks like it should work. Sorry.
On 5/1/06, John Wallace <[EMAIL PROTECTED]> wrote:
I am having problems getting a parameter from my web form when I have
security turned on for a servlet running in Tomcat 5.5.15. Here is the
code:
My Tomcat's server.xml file has this defined:
<Connector port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
...and...
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
Note: I did not change anything in the server.xml file other than
uncomment the sections above.
Now in my web.xml deployment descriptor I have defined:
<security-constraint>
<web-resource-collection>
<web-resource-name>ParameterTest</web-resource-name>
<url-pattern>/parameter_test</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<servlet>
<servlet-name>Parameter Test</servlet-name>
<servlet-class>ParameterTest</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Parameter Test</servlet-name>
<url-pattern>/parameter_test</url-pattern>
</servlet-mapping>
I have a simple web form:
<html>
<head>
<title>Parameter Test</title>
</head>
<body>
<center>Parameter Test
<br>
<br>
<form action="parameter_test" method="post">
Please enter your parameter: <input type="text"
name="my_parameter">
<br>
<br>
<input type="submit" value="Ok"/>
</form>
</center>
</body>
</html>
Finally in my code (ParameterTest.java) I have:
public void doPost (HttpServletRequest request, HttpServletResponse
response) throws IOException {
PrintWriter out = response.getWriter();
String the_parameter = request.getParameter("my_parameter");
out.println("my_parameter = "+the_parameter);
out.println("parameter names:");
for (Enumeration e = request.getParameterNames() ;
e.hasMoreElements() ;) {
out.println("parameter: "+e.nextElement());
}
}
If the security-constraint section IS defined in my web.xml deployment
descriptor, output in my web browser is:
my_parameter = null
parameter names:
Now if I take the security-constraint section out of my web.xml file I
get the following output in my web browser:
my_parameter = 43625
parameter names:
parameter: my_parameter
So my code works just fine /without/ the security-constraint defined.
My question is this: What do I need to do to get the parameter to be
passed to my ParameterTest servlet with the security-constraint
defined? I need security to work here.
Thanks,
--
John Wallace | Java / Web Developer
[EMAIL PROTECTED] http://anode.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Marc Farrow
