login-config doesn't have mandatory sub-elements. What is the use of it? Is it true having <login-config/> in DD will make the entire app. inaccessible by anybody? [ February 11, 2005: Message edited by: Deb Sadhukhan ]
_ __ _ __ _ __ _<br />SCJP 1.4 (95%) | SCWCD 1.4 (79%)<br />Artificial intelligence is no match for natural stupidity.
Rodrigo W Bonatto
posted 11 years ago
If you define a <security-constraint> element, you must define a <login-config> element, otherwise the container will throw a NullPointerException (in Tomcat 5.0.28).
I don't know if it depends of container implementation or if it is the default behaviour.