Skip to Main Content
Forums

Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Problem with security-constraint use

843833May 23 2007
Hola!

I need help for my j2ee 1.4 application, about using security-constraint in web.xml file.

This is my web.xml...at the bottom i'll expplain my problem:

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>
Prova14Web</display-name>
<servlet>
<display-name>
action</display-name>
<servlet-name>action</servlet-name>
<servlet-class>
org.apache.struts.action.ActionServlet</servlet-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/struts-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>jsp/index.jsp</welcome-file>
</welcome-file-list>
<jsp-config>
<taglib>
<taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
<taglib-location>/WEB-INF/struts-bean.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
<taglib-location>/WEB-INF/struts-html.tld</taglib-location>
</taglib>
<taglib>
<taglib-uri>/WEB-INF/struts-logic.tld</taglib-uri>
<taglib-location>/WEB-INF/struts-logic.tld</taglib-location>
</taglib>
</jsp-config>
<security-constraint>
<display-name>
vincolo1</display-name>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
<url-pattern>/jsp/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>operatore</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/html/login.html</form-login-page>
<form-error-page>/html/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>operatore</role-name>
</security-role>
</web-app>

The problem is the that when i connect to my application at http://localhost:9081/Prova14Web, the first page that appears is the welcome.jsp, when it should be appear the login page! The application bypass the login page...but I don't know why it happens!
I'm using RAD6 and Websphere6 AS.

Could you help me please??
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Jun 20 2007
Added on May 23 2007
#java-ee-sdk
0 comments
156 views