JDBCRealm and the security-constraint Element in the web.xml File
posted 12 years ago
My applications behave wierd after I configured the JDBCRealm. After experimenting in many different ways, I found that as long as I have the JDBCRealm in the server.xml, the Tomcat does not accept <security-constraint> specified in the application's web.xml file. Please help me. My configuration in the $TOMCAT_HOME/conf/sever.xml is shown below:
What happened is: First, I have an application artimus_1_1 that had worked well before JDBCRealm was inserted in the server.xml. Now, whenever I run the same application, I get:
HTTP Status 404 -/artimus_1_1 description: The requested resource(/artimus_1_1) is not availabe.
The web.xml of the application artimus_1_1 has <security-constraint> element in it and uses BASIC to authenticate users (i.e. the roles of the users are stored in the $TOMCAT_HOME/conf/tomcat-users.xml.) Second, I am working on another application. And I want to user FORM-based container-managed authentication for this application. I had
in the web.xml file and I had JDBCRealm in the $TOMCAT_HOME/conf/server.xml. I was able to display the welcome page. Thereafter, I inserted <security-constraint> preceding the <login-config> element, and inserted <security-role> following the <login-config> element. The application stops functioning. I get:
HTTP Status 404 -/PracticeVersion description: The requested resource(/PracticeVersion) is not availabe.
in the browser, and I have this message in the Tomcat log file:
LifecycleException: Container StandardContext[/PracticeVersion] has not been started
This is what my PracticeVersion/WEB-INF/web.xml looks like when the problem happened (Nothing is wrong with the specification and order of the tags):