• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

without being defined in a <security-role>

 
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all

kindly help me out in finding out the exact problem with the following error message from the file "catalina" of the Log directory of Tomcat 6.0.18

Mar 8, 2009 7:55:11 AM org.apache.catalina.startup.ContextConfig validateSecurityRoles INFO: WARNING: Security role name private used in an <auth-constraint> without being defined in a <security-role>

Mar 8, 2009 7:55:11 AM org.apache.coyote.http11.Http11AprProtocol start INFO: Starting Coyote HTTP/1.1 on http-80 Mar 8, 2009 7:55:11 AM org.apache.coyote.ajp.AjpAprProtocol start INFO: Starting Coyote AJP/1.3 on ajp-8009 Mar 8, 2009 7:55:11 AM org.apache.catalina.startup.Catalina start INFO: Server startup in 695 ms


 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The message seems very specific and to the point: any role you use in an auth-constraint tag needs to be defined in a security-role tag. You may want to read up on the security-constraint>, auth-constraint and security-role elements of the web.xml file; they're explained in the servlet specification.
 
sameer khazi
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi..

Mr Dittmer..

Thank you for you suggestion..

Actually i had not included the <security-role> xml tag in the Application-level "web.xml" file.

i have been able to get the desired out put.

Also need a little bit of clarification on the following..

(1)

<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>

.....

</security-constraint>

(2)

<security-role>

<role-name> tomcat</role-name>

<security-role>

....

</web-app>

We place the sub-element i.e. <role-name> under both the <auth-constraint> and also the <security-role> main xml elements.

does the <role-name> under both these Main xml elements server the same purpose. if yes, then why it( <role-name> ) is being placed at two separate places.

i hope i have made my point clear.

Thank you...







 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
No, it serves different purposes. Underneath "security-role" it means "I am going to use role XYZ", while underneath security-constraint it means "role X is required to access these URLs". So the difference is like between declaring a variable and using a variable.
 
sameer khazi
Greenhorn
Posts: 28
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi

Thanks Dittmer..

thanks for making the points clear..

 
I'm full of tinier men! And a tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic