Win a copy of Testing JavaScript Applications this week in the HTML Pages with CSS and JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

[Q][Web Security][Login Form doesn't display]

 
Ranch Hand
Posts: 60
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
My problem is that the loginPage.html doesn't display, when I make a request to the constrained resource. Instead, the browser told me "the page you are looking for is unavailable". If I remove the constraint, it works great. Can you imagine where the trick is?

I made a request to CheckCookie.do Servlet URL pattern, which is under "myApp" applicaton.
Http://localhost:8080/myApp/CheckCookie.do
The loginPage.html and loginError.html are under myApp directory also.
Http://localhost:8080/myApp/loginPage.html Http://localhost:8080/myApp/loginError.html
Both links work.

Below is the code:

<!--security role-->
<security-role>
<role-name>Guest</role-name>
<role-name>Member</role-name>
<role-name>Admin</role-name>
</security-role>
<!--security constraint -->
<security-constraint>
<web-resource-collection>
<web-resource-name>myBeer</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Member</role-name>
<role-name>Admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<!--login config -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/loginPage.html</form-login-page>
<form-login-error>/loginError.html</form-login-error>
</form-login-config>
</login-config>
[ July 02, 2005: Message edited by: Bruce Sun ]
 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can you specify the location of login.html with respect to your application and the URL you are using to request the page. Something like

<tomcat>\<web-app>\login.html and

http://127.0.0.1:8080/web-app/login.html
 
Normally trees don't drive trucks. Does this tiny ad have a license?
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
    Bookmark Topic Watch Topic
  • New Topic