I am trying to implement a container-managed security. But the <url-pattern>/admin/*</url-pattern> doesn't work. I cannot find out why.
I am using
Struts 1.3.8.
I am using modules
I am using Tiles
I am using Struts Validator
My folder structure looks like this:
WebContent/index.jsp
WebContent/employee/addEmployee.jsp
WEB-INF/struts-config-employee.xml
WEB-INF/struts-config.xml
WEB-INF/web.xml
WEB-INF/validation.xml
WEB-INF/tiles-defs.xml
<p>
I create a link in the index page and when I click on that link I shlould get a user/pass window, but instead Struts allows the entrance:
index.jsp:
<html:link forward="viewAddEmployee"><bean:message key="link.employee.add"/></html:link>
struts-config.xml:
<global-forwards>
<forward name="viewAddEmployee" path="/employee/admin/viewAddSearch.do" />
</global-forwards>
struts-config-employee.xml:
<action path="/admin/viewAddSearch" forward="addEmployee.page"/>
tiles-defs.xml:
<definition name="addEmployee.page" extends="main.layout">
<put name="title" value="ABC, Inc. Human Resources Portal - Employee Search"/>
<put name="body" value="/employee/admin/addEmployee.jsp"/>
</definition>
web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminPages</web-resource-name>
<description>Administrator-only pages</description>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>SomethingRealm</realm-name>
</login-config>
<security-role>
<description>Some Administrator</description>
<role-name>administrator</role-name>
</security-role>
In TOMCAT_HOME>/conf/tomcat_users.xml:
<tomcat-users>
<role name="administrator"/>
<user name="x" password="y" roles="administrator"/>
<user name="xx" password="yy" roles="administrator"/>
<user name="xxx" password="yyy" roles="employee"/>
</tomcat-users>
But when I put <url-pattern>*.do</url-pattern> it works for all action paths (since all of them end with .do). Can anyone help me with this?
Thanks in advance!