Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

form-login-page tag and security-role tag

 
Nancy King
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, guys:
I have two questions that I hope you guys can answer.
1. regarding to <form-login-page>body</form-login-page>, here "body" must use relative path?
I am running tomcat examples. I copied login.jsp under examples dir, and when I used <form-login-page>/login</form-login-page>, it works. But when I used <form-login-page>login</form-login-page>(notice there is no "/" in the tag body), and when I started tomcat, it showed ERROR reading java.io.FileInputStream@388993 At Line 223 /web-app/login-config/", so I guess I have to use relative path which is relative to servlet context path. Please clarify this for me.
2. I have a question regarding to <role-name> which is in the following structure:
<security-constraint>
<web-resource-collection>
<auth-constraint>
<role-name>
.....
</rolename>
</auth-constraint>
<web-resource-collection>
<security-constraint>
In Chapter9 of SCWCD Exam Study Kit, it says:
"it(role-name) can be *(which means all the roles defined in the web application), or it must be a name that is defined in the <security-role> element of the deployment descriptor". My understanding of what that means is: If you use somethings specific(such as manager) instead of using * as role-name, then you must have <security-role><role-name>manager</role-name></security-role> in web.xml. But in Tomcat examples' web.xml, it uses tomcat and role1 as role-name, there is no <security-role> tag in the web.xml. It runs fine. is my understanding wrong?
Please help me.
Thanks
Nancy
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic