Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Using Security Constraint in Web.xml  RSS feed

Ranch Hand
Posts: 415
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all

I have a web-application running on tomcat . Inside the context folder i have several directories having some pre-defined configuration files . But the user is able to directly access them by typing the path including the fileName in the URL ( I have disabled the listings property however)

How can i prevent accessing the specific files .... I tried using

<display-name>Security constarint</display-name>
<web-resource-name>Java Application</web-resource-name>

<realm-name>OnJava Application</realm-name>

This seems to be working fine , but when the user enters the wrong security info thrice , 401 error page is coming instead i want my custom page . Hence i configured an error page for 401 code which overwrited the earlier behavaiour ie.. that BASIC authentication popup is not coming

Can any one let me know how to go about this
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!