File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes login-config not prompting for user id and password Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "login-config not prompting for user id and password" Watch "login-config not prompting for user id and password" New topic
Author

login-config not prompting for user id and password

Bipra De
Greenhorn

Joined: Nov 06, 2011
Posts: 14
This is my web.xml DD


<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app>

<servlet>
<servlet-name>Ch3 Beer</servlet-name>
<servlet-class>com.example.web.BeerSelect</servlet-class>
</servlet>
<security-role><role-name>admin</role-name></security-role>

<servlet-mapping>
<servlet-name>Ch3 Beer</servlet-name>
<url-pattern>/SelectBeer.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>form.html</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<securtiy-constraint>
<web-resource-collection>
<url-pattern>/beerv1/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-gurantee>CONFIDENTIAL</transport-gurantee>
</user-data-constraint>
</securtiy-constraint>
</web-app>

This is my tomcat-users.xml file

<?xml version="1.0" encoding="utf-8" ?>
- <tomcat-users>
<role rolename="manager" />
<role rolename="admin" />
<user username="admin" password="" roles="admin,manager" />
</tomcat-users>



Instead of asking for login when trying to access "localhost:8080/beerv1/form.html" , it is allowing me to access it without asking for user id and password. What is the problem?
Thanks in advance.


Warm Regards,
Bipra De.
SCJP 1.6
SCWCD 1.5
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1675
    
  25

Hi Bipra,

There are a couple of things that you have to check and correct:

  • What is the context-root of your application? The URL http://localhost:8080/beerv1/form.html suggests that it is beerv1, do you have a directory /beerv1 under your root?
  • You are using a GET request when requesting http://localhost:8080/beerv1/form.html, and only POST is restricted
  • There is a typo: securtiy-constraint should be security-constraint
  • Remove the whole <user-data-constraint> otherwise you need to setup a HTTPS port in Tomcat to get things working
  • Are there errors when starting-up?


  • Regards,
    Frits
    Bipra De
    Greenhorn

    Joined: Nov 06, 2011
    Posts: 14
    Hello Frits,

    Thanks for your response.beerv1 is the context root of my application and there is no directory with beerv1 under beerv1(i.e context root of my app). In my web.xm , whenl I am giving
    <url-pattern>/*</url-pattern> then the browser asks for user name and password when trying to access form.html(localhost:8080/beerv1/form.html) but when I am giving <url-pattern>/beerv1/*</url-pattern> it does not prompts for user name and password. the page form.html is directly inside the context root i.e beerv1. What is causing this?

    Regards,
    Bipra De.
    Frits Walraven
    Creator of Enthuware JWS+ V6
    Bartender

    Joined: Apr 07, 2010
    Posts: 1675
        
      25

    The URL-pattern is always from the context-root, so in this case
    /* means every URL starting with http://localhost:8080/beerv1/
    /beerv1/* means every URL starting with http://localhost:8080/beerv1/beerv1/

    Just to confirm: create a beerv1 directory under your context-root dir and place the form.html there and see that it will ask for a username and password if you use the following URL http://localhost:8080/beerv1/beerv1/form.html

    Regards,
    Frits
    Bipra De
    Greenhorn

    Joined: Nov 06, 2011
    Posts: 14
    Thanks Frits.It worked. I wasn't aware of this.
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: login-config not prompting for user id and password