| Author |
login-config not prompting for user id and password
|
Bipra De
Greenhorn
Joined: Nov 06, 2011
Posts: 14
|
|
This is my web.xml DD
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app>
<servlet>
<servlet-name>Ch3 Beer</servlet-name>
<servlet-class>com.example.web.BeerSelect</servlet-class>
</servlet>
<security-role><role-name>admin</role-name></security-role>
<servlet-mapping>
<servlet-name>Ch3 Beer</servlet-name>
<url-pattern>/SelectBeer.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>form.html</welcome-file>
</welcome-file-list>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<securtiy-constraint>
<web-resource-collection>
<url-pattern>/beerv1/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-gurantee>CONFIDENTIAL</transport-gurantee>
</user-data-constraint>
</securtiy-constraint>
</web-app>
This is my tomcat-users.xml file
<?xml version="1.0" encoding="utf-8" ?>
- <tomcat-users>
<role rolename="manager" />
<role rolename="admin" />
<user username="admin" password="" roles="admin,manager" />
</tomcat-users>
Instead of asking for login when trying to access "localhost:8080/beerv1/form.html" , it is allowing me to access it without asking for user id and password. What is the problem?
Thanks in advance.
|
Warm Regards,
Bipra De.
SCJP 1.6
SCWCD 1.5
|
 |
Frits Walraven
Rancher
Joined: Apr 07, 2010
Posts: 1043
|
|
Hi Bipra,
There are a couple of things that you have to check and correct:
What is the context-root of your application? The URL http://localhost:8080/beerv1/form.html suggests that it is beerv1, do you have a directory /beerv1 under your root?You are using a GET request when requesting http://localhost:8080/beerv1/form.html, and only POST is restrictedThere is a typo: securtiy-constraint should be security-constraintRemove the whole <user-data-constraint> otherwise you need to setup a HTTPS port in Tomcat to get things workingAre there errors when starting-up?
Regards,
Frits
|
|
Bipra De
Greenhorn
Joined: Nov 06, 2011
Posts: 14
|
|
Hello Frits,
Thanks for your response.beerv1 is the context root of my application and there is no directory with beerv1 under beerv1(i.e context root of my app). In my web.xm , whenl I am giving
<url-pattern>/*</url-pattern> then the browser asks for user name and password when trying to access form.html(localhost:8080/beerv1/form.html) but when I am giving <url-pattern>/beerv1/*</url-pattern> it does not prompts for user name and password. the page form.html is directly inside the context root i.e beerv1. What is causing this?
Regards,
Bipra De.
|
|
Frits Walraven
Rancher
Joined: Apr 07, 2010
Posts: 1043
|
|
The URL-pattern is always from the context-root, so in this case
/* means every URL starting with http://localhost:8080/beerv1/
/beerv1/* means every URL starting with http://localhost:8080/beerv1/beerv1/
Just to confirm: create a beerv1 directory under your context-root dir and place the form.html there and see that it will ask for a username and password if you use the following URL http://localhost:8080/beerv1/beerv1/form.html
Regards,
Frits
|
|
Bipra De
Greenhorn
Joined: Nov 06, 2011
Posts: 14
|
|
Thanks Frits.It worked. I wasn't aware of this. 
|
|
 |
|
|
subject: login-config not prompting for user id and password
|
|
|
0
