tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marek Dolgos <mdol...@north-pacific.com>
Subject RE: login-config / security-constraint problem
Date Mon, 29 Oct 2001 05:41:01 GMT
Just to answer my own question:

Order matters! And its:

<security-constraint>
<login-config>
<security-role>

Sorry for the wasted bandwidth

-Marek

-----Original Message-----
From: Marek Dolgos [mailto:mdolgos@north-pacific.com]
Sent: Sunday, October 28, 2001 1:37 AM
To: Tomcat-User (E-mail)
Subject: login-config / security-constraint problem


I am getting the following error in my catalina.out file when I try to
access any file/servlet in my webapp. I don't understand why this is
happening. I don't believe that there are any syntax errors in my web.xml
file. I have JSSE set up and working. I confirmed this by removing the
<login-config> and <security-constraint> tags and accessed the server and
various html file I have in this webapp just fine via https on port 8443.

Stopping service Tomcat-Standalone
Starting service Tomcat-Standalone
Apache Tomcat/4.0
PARSE error at line 17 column -1
org.xml.sax.SAXParseException: Element "web-app" does not allow
"login-config" here.

I have the following <Realm> and <Context> in the server.xml file:

<Realm className="org.apache.catalina.realm.MemoryRealm" />

and

<Context path="/FileTransfer" docBase="GLExtractFileTransfer.war"
debug="0"/>

And here is the actual web.xml file:

<!DOCTYPE web-app 
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" 
    "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>
    <display-name>GL Extract File Transfer</display-name>

    <context-param>
        <param-name>webmaster</param-name>
        <param-value>webmaster@north-pacific.com</param-value>
    </context-param>

    <security-role>
        <role-name>filetransfer</role-name>
    </security-role>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/FileTransfer/Login.html</form-login-page>
            <form-error-page>/FileTransfer/Login.html</form-error-page>
        </form-login-config>
    </login-config>

<!--
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>File Transfer</web-resource>
            <url-pattern>/FileTransfer/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>filetransfer</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
-->
    <servlet>
        <servlet-name>FileTransfer</servlet-name>
 
<servlet-class>com.northpacific.filetransfer.FileTransfer</servlet-class>
    </servlet>
</web-app>

In this web.xml file the <security-constraint> is commented out but I have
tried with it uncommented and get a similar parse error for it too. I do
have a user entry in tomcat-users.xml which belongs tot he filetransfer
role. Does any one have ideas as to what I'm doing wrong?

--Marek
mailto:mdolgos@north-pacific.com

--
To unsubscribe, e-mail:
<mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message