• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

jsp authentication problem

 
maheedar sand
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am practising JSP. I have a a problem with JSP authentication with spring source tool suite 2.5.
I have few JSPs in a folder, while accessing the application in tomcat it is not asking for any credentials. It simply displays the jsp which should not.

The code is as follows:
- test
admin(folder)
enter.jsp
validate.jsp
store.jsp
confirmation.jsp.
DD file(web.xml)
<code>
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>ch_13</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<jsp-config>
<taglib>
<taglib-uri>validateFields</taglib-uri>
<taglib-location>/WEB-INF/tagLibraries/customLib.tld</taglib-location>
</taglib>
</jsp-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<url-pattern>/test/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>ORA Examples</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
</web-app>
</code>

Please, do the neeful.

Thanks and Regards,
sathish.g.
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Which URL are you accessing that you think should be protected?
 
maheedar sand
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Thank you very much for the reply

Actually I created a web project named test. Under test I created a folder under root named admin. under this folder there are some jsps that need to be protected. So, I defined the security mechanism as per described in the web.xml file. when I execute the application in local tomcat it is not asking for any credentials.

the url I tried to access is: http://localhost:8080/test/admin/enter.jsp.

Also I checked the book examples. They are working fine. I'm not finding up the mistake.

Please, help the needful.


Thanks and Regards,
sathish kumar.g.
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Remove the web app name from the url-pattern: <url-pattern>/admin/*</url-pattern>
 
maheedar sand
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Thank you very much for the help
Its working buddy. But what is the difference. If we give it is only context name. Please explain if possible...

Thanks and Regards,
sathish kumar.g.
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The difference is between a correct path and an incorrect path. If <taglib-location> in your web.xml doesn't include the web app name, why would <url-pattern>? All such paths are relative to the web app root.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic