Win a copy of 97 Things Every Java Programmer Should Know this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

form-login-page tag and security-role tag

 
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, guys:
I have two questions that I hope you guys can answer.
1. regarding to <form-login-page>body</form-login-page>, here "body" must use relative path?
I am running tomcat examples. I copied login.jsp under examples dir, and when I used <form-login-page>/login</form-login-page>, it works. But when I used <form-login-page>login</form-login-page>(notice there is no "/" in the tag body), and when I started tomcat, it showed ERROR reading java.io.FileInputStream@388993 At Line 223 /web-app/login-config/", so I guess I have to use relative path which is relative to servlet context path. Please clarify this for me.
2. I have a question regarding to <role-name> which is in the following structure:
<security-constraint>
<web-resource-collection>
<auth-constraint>
<role-name>
.....
</rolename>
</auth-constraint>
<web-resource-collection>
<security-constraint>
In Chapter9 of SCWCD Exam Study Kit, it says:
"it(role-name) can be *(which means all the roles defined in the web application), or it must be a name that is defined in the <security-role> element of the deployment descriptor". My understanding of what that means is: If you use somethings specific(such as manager) instead of using * as role-name, then you must have <security-role><role-name>manager</role-name></security-role> in web.xml. But in Tomcat examples' web.xml, it uses tomcat and role1 as role-name, there is no <security-role> tag in the web.xml. It runs fine. is my understanding wrong?
Please help me.
Thanks
Nancy
 
They gave me pumpkin ice cream. It was not pumpkin pie ice cream. Wiping my tongue on this tiny ad:
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic