From user-return-6672-apmail-geronimo-user-archive=geronimo.apache.org@geronimo.apache.org Tue May 29 16:01:00 2007 Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 79321 invoked from network); 29 May 2007 16:00:59 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 29 May 2007 16:00:59 -0000 Received: (qmail 57200 invoked by uid 500); 29 May 2007 16:01:01 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 57173 invoked by uid 500); 29 May 2007 16:01:01 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 57158 invoked by uid 99); 29 May 2007 16:01:00 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 May 2007 09:01:00 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of justj2ee@gmail.com designates 209.85.132.244 as permitted sender) Received: from [209.85.132.244] (HELO an-out-0708.google.com) (209.85.132.244) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 May 2007 09:00:55 -0700 Received: by an-out-0708.google.com with SMTP id d23so768122and for ; Tue, 29 May 2007 09:00:27 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=dfFYXSsTqv0VvTHWfrL6bCbY/384KyiHB2avWzoGTPf+FOpMg3sfH7u7fGHUjQ4JtDHxFyHB39qnt2cjuI4oH1TrZ4zgS9wW2TSDNLFkGD6Z+TfBje75J76jYXDoUCznHT6hL3b6DZFFHEpmiSRRA/XF07xUon5rNdzB50m7iew= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=ZUrgRWLLkXrHC44vcyDRkAbuK5A+sPrbfrN+eOS/vx/TfjSZBncAKWIKqILdruTQFMRkM2h8kXy5x4BiKIA5WcAwVU37FrFBArK73nO3fKPnfZvW86J/0G+OEjMMKOQ8/6UfYmQwWXUxGAjYYzTE5cJRRLTaxowD8zTLyhDAe/c= Received: by 10.100.138.2 with SMTP id l2mr5269056and.1180454427005; Tue, 29 May 2007 09:00:27 -0700 (PDT) Received: by 10.100.136.9 with HTTP; Tue, 29 May 2007 09:00:26 -0700 (PDT) Message-ID: Date: Tue, 29 May 2007 11:00:26 -0500 From: "Don Hill" To: user@geronimo.apache.org Subject: web.xml and security constraint MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_2564_13257908.1180454426943" X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_2564_13257908.1180454426943 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi, I have the following resource protected in the web.xml, How can I define a geronimo-web.xml/security..... to match this so that the deployment works. Restrict access to JSP pages Restrict access to JSP pages /greeting.jsp /response.jsp With no roles defined, no access granted ------=_Part_2564_13257908.1180454426943 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi,

I have the following resource protected in the web.xml, How can I define a geronimo-web.xml/security..... to match this so that the deployment works.

  <security-constraint>
        <!-- This security constraint illustrates how JSP pages
with JavaServer Faces components can be protected from
being accessed without going through the Faces Servlet.
The security constraint ensures that the Faces Servlet will
be used or the pages will not be processed. -->
        <display-name>Restrict access to JSP pages</display-name>
        <web-resource-collection>
            <web-resource-name>
                Restrict access to JSP pages
            </web-resource-name>
            <url-pattern>/greeting.jsp</url-pattern>
            <url-pattern>/response.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <description>
                With no roles defined, no access granted
            </description>
        </auth-constraint>
    </security-constraint>

------=_Part_2564_13257908.1180454426943--