Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

[Q][Web Security][Login Form doesn't display]  RSS feed

 
Ranch Hand
Posts: 60
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My problem is that the loginPage.html doesn't display, when I make a request to the constrained resource. Instead, the browser told me "the page you are looking for is unavailable". If I remove the constraint, it works great. Can you imagine where the trick is?

I made a request to CheckCookie.do Servlet URL pattern, which is under "myApp" applicaton.
Http://localhost:8080/myApp/CheckCookie.do
The loginPage.html and loginError.html are under myApp directory also.
Http://localhost:8080/myApp/loginPage.html Http://localhost:8080/myApp/loginError.html
Both links work.

Below is the code:

<!--security role-->
<security-role>
<role-name>Guest</role-name>
<role-name>Member</role-name>
<role-name>Admin</role-name>
</security-role>
<!--security constraint -->
<security-constraint>
<web-resource-collection>
<web-resource-name>myBeer</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Member</role-name>
<role-name>Admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!--login config -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/loginPage.html</form-login-page>
<form-login-error>/loginError.html</form-login-error>
</form-login-config>
</login-config>
[ July 02, 2005: Message edited by: Bruce Sun ]
 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you specify the location of login.html with respect to your application and the URL you are using to request the page. Something like

<tomcat>\<web-app>\login.html and

http://127.0.0.1:8080/web-app/login.html
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!