• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

login-config not prompting for user id and password

 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This is my web.xml DD


<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app>

<servlet>
<servlet-name>Ch3 Beer</servlet-name>
<servlet-class>com.example.web.BeerSelect</servlet-class>
</servlet>
<security-role><role-name>admin</role-name></security-role>

<servlet-mapping>
<servlet-name>Ch3 Beer</servlet-name>
<url-pattern>/SelectBeer.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>form.html</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<securtiy-constraint>
<web-resource-collection>
<url-pattern>/beerv1/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-gurantee>CONFIDENTIAL</transport-gurantee>
</user-data-constraint>
</securtiy-constraint>
</web-app>

This is my tomcat-users.xml file

<?xml version="1.0" encoding="utf-8" ?>
- <tomcat-users>
<role rolename="manager" />
<role rolename="admin" />
<user username="admin" password="" roles="admin,manager" />
</tomcat-users>



Instead of asking for login when trying to access "localhost:8080/beerv1/form.html" , it is allowing me to access it without asking for user id and password. What is the problem?
Thanks in advance.
 
Creator of Enthuware JWS+ V6
Posts: 3411
320
Android Eclipse IDE Chrome
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Bipra,

There are a couple of things that you have to check and correct:

  • What is the context-root of your application? The URL http://localhost:8080/beerv1/form.html suggests that it is beerv1, do you have a directory /beerv1 under your root?
  • You are using a GET request when requesting http://localhost:8080/beerv1/form.html, and only POST is restricted
  • There is a typo: securtiy-constraint should be security-constraint
  • Remove the whole <user-data-constraint> otherwise you need to setup a HTTPS port in Tomcat to get things working
  • Are there errors when starting-up?


  • Regards,
    Frits
     
    Bipra De
    Greenhorn
    Posts: 14
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Hello Frits,

    Thanks for your response.beerv1 is the context root of my application and there is no directory with beerv1 under beerv1(i.e context root of my app). In my web.xm , whenl I am giving
    <url-pattern>/*</url-pattern> then the browser asks for user name and password when trying to access form.html(localhost:8080/beerv1/form.html) but when I am giving <url-pattern>/beerv1/*</url-pattern> it does not prompts for user name and password. the page form.html is directly inside the context root i.e beerv1. What is causing this?

    Regards,
    Bipra De.
     
    Frits Walraven
    Creator of Enthuware JWS+ V6
    Posts: 3411
    320
    Android Eclipse IDE Chrome
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    The URL-pattern is always from the context-root, so in this case
    /* means every URL starting with http://localhost:8080/beerv1/
    /beerv1/* means every URL starting with http://localhost:8080/beerv1/beerv1/

    Just to confirm: create a beerv1 directory under your context-root dir and place the form.html there and see that it will ask for a username and password if you use the following URL http://localhost:8080/beerv1/beerv1/form.html

    Regards,
    Frits
     
    Bipra De
    Greenhorn
    Posts: 14
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Thanks Frits.It worked. I wasn't aware of this.
     
    With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
    reply
      Bookmark Topic Watch Topic
    • New Topic