• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

web.xml for form based authentication

 
Viv Singh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have implemented form based authentication.

however, i got a problem with specifing the URL-pattern.

my directory structure is as follows:

-java
|--com
|---tool
|----portal
|----resc
-webresources

in the java/com/tool/portal "folder" i have my java classes of my servlets
in the webresources "folder" i have my css, images and .jsp files.

now i would like to "secure" the portal folder and the webresources folder.
however, my login.jsp which is used for the user-login and the css-file are also located in the webresources folder.

how would i specify this in the web.xml?

p.s: the directory structure is given like that and i have to use it as it is.

thanks in advance

[ November 25, 2008: Message edited by: Viv Singh ]

[ November 25, 2008: Message edited by: Viv Singh ]
[ November 25, 2008: Message edited by: Viv Singh ]
 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Since this a generic web application question and not specific to JBoss, i will move this to our Servlets forum where you will be some good advice.
 
Sachin Kumar
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Always keep login page under unprotected as that will be going to your gateway for protected resources.
 
Viv Singh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
how would i do this best?

at the moment in my webresources directory i have all the .jsp files, a WEB-INF folder and a images folder.

should i e.g. create an "portal" folder in the webresources folder and put all jsp files apart from the login.jsp and secure that "portal" folder?
[ November 25, 2008: Message edited by: Viv Singh ]
 
Schandha Ravi
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Viv,

As you are aware all the resources under WEB-INF is restricted and protected to direct access. As suggested above, you can use a default page like index.jsp or index.html in unprotected mode and use jsp:redirect to route to the protected resource.
 
Viv Singh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks,

problem is solved.
[ November 25, 2008: Message edited by: Viv Singh ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic