Logo 
Search:

Java Forum

Ask Question   UnAnswered
Home » Forum » Java       RSS Feeds

CONTAINER MANAGED SECURITY PROBLEM

  Asked By: Ashan    Date: Mar 09    Category: Java    Views: 757
  

i am using container managed security for securing my web app.
i have a jdbc realm in my server.xml and some defined roles in my
web.xml,so far every thing is okay,problem is here:
i want to use BASIC authentication approach,and not FORM
authentication,but i don't know where should i introduce my
error page such that my error page is substituted with default
container error page,it is noticeable that i don't wanna use FORM
authentication approach.

Share: 

 

2 Answers Found

 
Answer #1    Answered By: Hoor Khan     Answered On: Mar 09

You could use this tag into web.xml for example :


<web-app>

<security-constraint>
<web-resource-collection>
<web-resource-name>
Protected Site
</web-resource-name>
<!-- This would protect the entire site -->
<url-pattern> /* </url-pattern>
<!-- If you list http methods,
only those methods are protected -->
<http-method> DELETE </http-method>
<http-method> GET </http-method>
<http-method> POST </http-method>
<http-method> PUT </http-method>
</web-resource-collection>
<auth-constraint>
<!-- role-name indicates roles that are allowed
to access the web  resource specified above -->

<role-name>tomcat</role-name>
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>

<!-- BASIC authentication  -->
<login-config>
<auth-method> BASIC </auth-method>
<realm-name> Example Basic Authentication </realm-name>
</login-config>
</web-app>
and then you should define role in tomcat in this address :
TOMCAT_HOME/conf/tomcat-users.xml


tags are :
<tomcat-users>
<user name="tomcat" password="tomcat" roles="tomcat" />
<user name="role1" password="tomcat" roles="role1" />
<user name="both" password="tomcat" roles="tomcat,role1" />
</tomcat-users>

 
Answer #2    Answered By: Hugo Williams     Answered On: Mar 09

Just add the following line after your <welcome-file-list> tag in your web.xml file:


<error-page>

<error-code>403</error-code>

<location>/errorPage.jsp</location>

</error-page>

 
Didn't find what you were looking for? Find more on CONTAINER MANAGED SECURITY PROBLEM Or get search suggestion and latest updates.




Tagged: