Hello Guys,
I am trying to Secure my
STRUTS based Web application using Form Based Authentication(j_security_check). I have Sucessfully configured my LDAP on WEB Sphere Application Server.
I am trying to secure all
JSP's as you could see on my Security Constraint below. But when i deploy my application it doesnot prompt with a Login screen instead goes to the index page defined on the welcome-file-list.
I will really appreciate if some one can tell me if there is someother way to secure a Action classes and JSP in Struts Application. Thank you
<!-- The Welcome File List -->
<welcome-file-list>
<welcome-file>jsp/index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>OCN-Resources</web-resource-name>
<description></description>
<url-pattern>*.jsp</url-pattern>
<url-pattern>/OCN</url-pattern>
<url-pattern>/action</url-pattern>
<http-method>
GET</http-method>
<http-method>
POST</http-method>
</web-resource-collection>
<auth-constraint>
<description></description>
<role-name>OCNQA</role-name>
<role-name>OCNTEAM</role-name>
<role-name>OCNADMIN</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/Login.jsp</form-login-page>
<form-error-page>/jsp/LoginError.jsp</form-error-page>
</form-login-config>
</login-config>