This week's giveaway is in the EJB and other Java EE Technologies forum. We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line! See this thread for details.
OK, long story but I'll try to make it quick. I have a server in my possesion that has a Struts / Hibernate app running in Tomcat 5. The app is a nightmare and takes down the server regularly. Anyways they fired the old programmer and hired me to build a new app but I can't even get the old app to run. They don't want this one fixed but they want me to look at some of his interfaces so I can mimic them somewhat.
I'm thinking this thing was setup to explicity run on the domain and since it is now on my internal backbone and running on an IP this MAY be the problem.
What's happening is the second I try and access the app via a browser I get a Security Exception. The orginal app had an html page that literally did nothing except redirect them to this app. I added a jsp to stop the redirect but no matter what when I try and go into the app I get this damn exception.
I've been through ever file I can think of, the server.xml, the web.xml, and all the other xml files in the WEB-INF folder. I've also gone through the Tomcat config files to see if I could find anything.
I know Java (quite well) but again I no nothing about Struts. Are there any files I should be looking or entries in these files that could cause this?
I know a bit about Struts, but very little about Tomcat. I would start with a fresh Struts sample application. Once you get that to work, start to migrate over pieces of this application and see what is up. I would suspect a setting in your web.xml file, but suppose that it could be a higher level Tomcat configuration setting as well.
part of the file... that one could be setup to handle security validation.
But come to think of it perhaps he's screwed with the context by removing the myapp-users.xml and or the myapp-roles.xml depending upon how the apps users are getting validated. If the app uses BASIC auth then check for the above files. If your using JAAS then it's a whole nother can of worms. [ March 15, 2006: Message edited by: graham king ]