tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: Tomcat Security and Struts
Date Wed, 22 Apr 2009 14:26:21 GMT
> From: Mighty Tornado [mailto:mighty.tornado@gmail.com]
> Subject: Tomcat Security and Struts
> 
> I am trying to make sure my app requires a login. So I configured the
> following in my deployment descriptor:
> 
>  <security-constraint>
>    <web-resource-collection>
>    <web-resource-name>admin</web-resource-name>
>    <url-pattern>*.do</url-pattern>
>    <http-method>POST</http-method>
>    </web-resource-collection>
>    <auth-constraint>
>    <role-name>member</role-name>
>    </auth-constraint>
>    <user-data-constraint>
>    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>    </user-data-constraint>
>   </security-constraint>
>   <login-config>
>    <auth-method>FORM</auth-method>
>    <form-login-config>
>    <form-login-page>/WEB-INF/JSP/login.jsp</form-login-page>
>    <form-error-page>/WEB-INF/JSP/loginError.jsp</form-error-page>
>    </form-login-config>
>   </login-config>

Where is your <security-role> section?

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message