It seems to be working now, however the Login Form I've created is being completely ignored.
When i try to access the secure section, a prompt box automatically pops up rather than my
jsp Form and I can type in the username and password and then forwards it to the next section or forwards it to some default websphere error page if unsuccessful.
I set the web.xml to FORM based but for whatever reason it seems to be automatically using Basic Authentication.
Here is what the web.xml file looks like with variables changed.
----
<?xml version="1.0" encoding="ISO-8859-1"?>
< !DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "
http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<icon></icon>
<display-name>
testing</display-name>
<description>testing web application</description>
< !-- <distributable><distributable> -->
<context-param>
<param-name>driverclass</param-name>
<param-value>sun.jdbc.odbc.JdbcOdbcDriver</param-value>
</context-param>
<context-param>
<param-name>jdbcURL</param-name>
<param-value>
jdbc dbc
b2</param-value>
</context-param>
< !-- <filter></filter> -->
< !-- <filter-mapping></filter-mapping> -->
< !-- <listener></listener> -->
<servlet>
<servlet-name>f_Sql_Center</servlet-name>
<servlet-class>test.f_Sql_Center</servlet-class>
</servlet>
<servlet>
<servlet-name>DBservlet</servlet-name>
<servlet-class>test.DBservlet</servlet-class>
</servlet>
<servlet>
<servlet-name>f_Sql_Tables</servlet-name>
<servlet-class>test.f_Sql_Bean</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>f_Sql_Center</servlet-name>
<url-pattern>/f_Sql_Center</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>f_Sql_Tables</servlet-name>
<url-pattern>/f_Sql_Tables</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>DBservlet</servlet-name>
<url-pattern>/DBservlet</url-pattern>
</servlet-mapping>
<session-config></session-config>
< !-- <mime-mapping></mime-mapping> -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/ErrorPage.jsp</location>
</error-page>
<taglib>
<taglib-uri>
http://java.sun.com/jstl/core</taglib-uri>
<taglib-location>/WEB-INF/tlds/c.tld</taglib-location>
</taglib>
< !-- <resource-env-ref></resource-env-ref> -->
< !-- <resource-ref><br /> <res-ref-name>jdbc/abcTest</res-ref-name><br /> <res-type>javax.sql.dataSource</res-type><br /> <res-auth>Container</res-auth><br /> <res-sharing-scope>Shareable</res-sharing-scope><br /> </resource-ref><br /> -->
<security-constraint>
<display-name>Cims Login Security</display-name>
<web-resource-collection>
<web-resource-name>Login Protected Area</web-resource-name>
< !-- Define the context-relative URL(s) to be protected -->
<url-pattern>/secure/*</url-pattern>
< !-- If you list http methods, only those methods are protected -->
</web-resource-collection>
<auth-constraint>
< !-- Anyone with one of the listed roles may access this area -->
<role-name>test</role-name>
</auth-constraint>
</security-constraint>
< !-- Login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/sLogin.jsp</form-login-page>
<form-error-page>/sError_Page.jsp</form-error-page>
</form-login-config>
</login-config>
< !-- <security-role></security-role> -->
< !-- <env-entry></env-entry> -->
< !-- <ejb-ref></ejb-ref> -->
< !-- <ejb-local-ref></ejb-local-ref> -->
</web-app>
Not sure why the jsp form is being completely ignored.
-----