Get the tools you need to learn Java skills fast!
Video tutorials, eBooks, hands-on lab exercises, sample code.
Get started
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Is it Tomcat's Bug or My Mistake Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of The Software Craftsman this week in the Agile forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Is it Tomcat Watch "Is it Tomcat New topic

Is it Tomcat's Bug or My Mistake

Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
My web.xml is listed below. I tested with tomcat 5.0.29 and requested /first.jsp. I was prompted with a login prompt and I entered the password for an account with "admin" role. Unexpectedly, the /first.jsp was displayed!!

My understanding is that this should not had happen because I used <auth-contraint /> in my second <security-contraint>. Could anyone help me to spot any mistake I may have made.


<web-app xmlns=""
<!-- security-constran -->
<auth-constraint />

<!-- <login-config> -->
<!-- <security-role> -->
<!-- <welcome-file-list> -->
<!-- <filter> -->
Sergey Tyulkin
Ranch Hand

Joined: May 10, 2005
Posts: 87
Seems to be Tomcat bug
Esam Ahmed
Ranch Hand

Joined: Aug 10, 2005
Posts: 101
How did <role-name> map to the security "realm" ?

You might want to add these and see how it behaves:


<role rolename="admin"/>
<role rolename="user"/>

<user username="myName" password="myPassword" roles="admin, user" />
<user username="yourName" password="yourPassword" roles="admin" />


[ September 16, 2005: Message edited by: Esam Ahmed ]

Esam<br />SCJP 1.4, SCWCD 1.4
Have you tried LearnNowOnline?
subject: Is it Tomcat's Bug or My Mistake