• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

How to Secure a Struts application using Form Based Authentication

 
Ranch Hand
Posts: 91
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Guys,
I am trying to Secure my STRUTS based Web application using Form Based Authentication(j_security_check). I have Sucessfully configured my LDAP on WEB Sphere Application Server.

I am trying to secure all JSP's as you could see on my Security Constraint below. But when i deploy my application it doesnot prompt with a Login screen instead goes to the index page defined on the welcome-file-list.

I will really appreciate if some one can tell me if there is someother way to secure a Action classes and JSP in Struts Application. Thank you

<!-- The Welcome File List -->
<welcome-file-list>
<welcome-file>jsp/index.jsp</welcome-file>
</welcome-file-list>

<security-constraint>
<web-resource-collection>
<web-resource-name>OCN-Resources</web-resource-name>
<description></description>
<url-pattern>*.jsp</url-pattern>
<url-pattern>/OCN</url-pattern>
<url-pattern>/action</url-pattern>
<http-method>
GET</http-method>
<http-method>
POST</http-method>
</web-resource-collection>
<auth-constraint>
<description></description>
<role-name>OCNQA</role-name>
<role-name>OCNTEAM</role-name>
<role-name>OCNADMIN</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/Login.jsp</form-login-page>
<form-error-page>/jsp/LoginError.jsp</form-error-page>
</form-login-config>
</login-config>
 
A berm makes a great wind break. And we all like to break wind once in a while. Like this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic