This week's book giveaway is in the Android forum.
We're giving away four copies of Head First Android and have Dawn & David Griffiths on-line!
See this thread for details.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Problem with enforcing security in web-app Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Problem with enforcing security in web-app" Watch "Problem with enforcing security in web-app" New topic

Problem with enforcing security in web-app

Varun Nayudu
Ranch Hand

Joined: Jun 26, 2006
Posts: 159
i am trying to enforce security in my web application.the basic structure is as follows:
web-app -> MyExample1(my app name) -> web.xml and classes(folder)


<?xml version='1.0' encoding='utf-8'?>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="admin" password="" roles="admin,manager"/>

<web-app xmlns=""
web-app_2_4.xsd" version="2.4">








only one servlet is used and i want to restrict access to it depending on the user's. But i am not getting and prompt for username and password instead it is showing "Internet cannot display the webpage"

please tell if i have missed any thing or done any thing incorrectly.
Why am i not getting any prompt for username and password.
Please let me know...

SCJP 1.5, SCWCD 1.5
Varun Nayudu
Ranch Hand

Joined: Jun 26, 2006
Posts: 159
sorry i incorrectly structured the web app it like this

web-app -> MyExample1 -> WEB-INF ->web.xml and classes
Seetharaman Venkatasamy
Ranch Hand

Joined: Jan 28, 2008
Posts: 5575

please remove below one from your security-constraint

if you want to include this,you need to get certificate to activate https protocal.
I agree. Here's the link:
subject: Problem with enforcing security in web-app
jQuery in Action, 3rd edition