Hi all,
I am trying to use the form based authentication in tomcat 5.5, but for some reason, the user never get authenticated (always redirected to the error login page). I suspect that it has something to do with the new changes in tomcat 5.5. Can anyone tell me if I miss something? Thanks in advance!!!
tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="user"/>
<role rolename="admin"/>
<user username="user" password="user" roles="user"/>
<user username="admin" password="admin" roles="admin"/>
</tomcat-users>
web.xml
<?xml version = '1.0' encoding = 'UTF-8'?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<display-name>test pro</display-name>
<description>test project</description>
<security-role>
<description>admin role</description>
<role-name>admin</role-name>
</security-role>
<security-role>
<description>user role</description>
<role-name>user</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>Sensitive</web-resource-name>
<url-pattern>/Sensitive/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login-error.jsp</form-error-page>
</form-login-config>
</login-config>
<servlet>
<servlet-name>myServlet</servlet-name>
<servlet-class>myTicServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>Redirector</servlet-name>
<jsp-file>/login.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>myServlet</servlet-name>
<url-pattern>/main.do</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Redirector</servlet-name>
<url-pattern>/servlet/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>/login.jsp</welcome-file>
</welcome-file-list>
</web-app>