StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWeb.xml Security Constraints not working
text
Body
copied!<p>Trying to get the security aspect of my web app up and going. </p> <p>I've created a dynamic web application within eclipse and am trying to use a form based authentication setup.</p> <pre><code><?xml version="1.0" encoding="UTF-8"?> <web-app id="WebApp_ID" version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <display-name>Application</display-name> <context-param> <param-name>javax.ws.rs.Application</param-name> <param-value>com.foo.bar.webservices.MyApplication</param-value> </context-param> <context-param> <param-name>resteasy.servlet.mapping.prefix</param-name> <param-value>/resteasy</param-value> </context-param> <listener> <listener-class>org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap</listener-class> </listener> <servlet> <servlet-name>Resteasy</servlet-name> <servlet-class>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class> </servlet> <servlet> <display-name>LoginServlet</display-name> <servlet-name>LoginServlet</servlet-name> <servlet-class>httpAuth.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Resteasy</servlet-name> <url-pattern>/resteasy/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/LoginServlet</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>/login.jsp</welcome-file> </welcome-file-list> <security-constraint> <display-name>Authorized Only</display-name> <web-resource-collection> <web-resource-name>Authorized Only</web-resource-name> <url-pattern>/restricted/*</url-pattern> <http-method>GET</http-method> <http-method>PUT</http-method> </web-resource-collection> <auth-constraint> <description>Allowed users</description> <role-name>USER</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/logonError.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>USER</role-name> </security-role> </web-app> </code></pre> <p>However, when I deploy and go to <code>http://localhost:8080/Application/restricted/index.jsp</code> it shows, which it shouldn't do. </p> <p>EDIT 1: Have made change to remove /Application. Doing so does not hold on pages such as /restricted/index.jsp</p> <h2>Folder Breakdown</h2> <pre><code>Application +build -WebContent +css +img +js login.jsp logonError.jsp +META-INF -restricted index.jsp +WEB-INF </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload