Login application not running error is resourse not found

hello everyone........... i am new to java server faces and trying to run the application in jsf 2.0 but its not working.here is my web.xml and faces-config.xml..........kindly tell me where its going wrong......
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0"> <display-name></display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.faces</url-pattern> </servlet-mapping> </web-app>
[
My faces-config.xml is as follows:
<?xml version="1.0" encoding="UTF-8"?> <faces-config xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd" version="2.0"> <managed-bean> <managed-bean-name>login1</managed-bean-name> <managed-bean-class>naval.Login</managed-bean-class> <managed-bean-scope>view</managed-bean-scope> </managed-bean> <navigation-rule> <from-view-id>/WEB-INF/login.xhtml</from-view-id> <navigation-case> <from-outcome>WEB-INF/login.xhtml</from-outcome> <to-view-id>/WEB-INF/logout.xhtml</to-view-id> </navigation-case> </navigation-rule> <navigation-rule> <from-view-id>/WEB-INF/logout.xhtml</from-view-id> <navigation-case> <from-outcome>WEB-INF/logout.xhtml</from-outcome> <to-view-id>/WEB-INF/login.xhtml</to-view-id> </navigation-case> </navigation-rule> </faces-config>

First and foremost, user-designed login/security systems are a very bad idea. I've worked with J2EE since before servlets were invented, seen a lot of different webapps, some of which were very sensitive in nature, and seen a lot of user-defined security systems.

Almost all of them could be hacked into in under 10 minutes by non-sophisticated users. None of them were completely secure.

The J2EE specification includes a container-managed security framework. It works by wrapping itself around the webapp and bouncing many of the invalid requests before they can come anywhere near application code, and if you can't get to the code, you cannot exploit it. This system was designed by full-time professional security experts, not someone who was simply expected to "Git 'R Dun!" while concentrating on the more important business functions. It has withstood the test of time; I've never heard of it being successfully exploited. And best of all, it's pre-written and pre-debugged.

Aside from that, there are 2 problems with your samples.

First, you are using web resource paths as your navigation targets. Navigation targets are not resources (.xhtml), they are URLs (.faces). Specifically, they are relative URLs with no parameters or other decorations and must be JSF URLs, not URLs for generic servlets or JSPs.

Secondly, since they are URLs, you cannot retrieve them from under WEB-INF, because WEB-INF is invisible as a URL target path component in J2EE.