This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I thought maybe I did something wrong or deleted something I shouldn't have in the web.xml file or application.xml file. So I reverted back to what worked and low and behold, I got the same error. I'm not sure what's wrong now because what worked yesterday is no longer working today.
I searched some forums and topics, but I'm new to websphere, so i'm not sure what the issue is. And if you've read other posts I've written recently, I am not the server admin of websphere 5.0. I can't read the errors or logs and I can't even access anything on the server. I just ftp an ear file and from there the server admins scripts are run to install, update, or delete the application. So at this point, the server admin said nothing changed, and i'm stuck.
What was the change that you made? Sounds like perhaps you wiped out the Servlet mapping. Could you post the web.xml file for the J2EE/WebSphere application, without comprising your application security? Maybe then we can help to troubleshoot the web module.
Joined: Feb 21, 2007
It seems to be working now, however the Login Form I've created is being completely ignored.
When i try to access the secure section, a prompt box automatically pops up rather than my jsp Form and I can type in the username and password and then forwards it to the next section or forwards it to some default websphere error page if unsuccessful.
I set the web.xml to FORM based but for whatever reason it seems to be automatically using Basic Authentication.
Here is what the web.xml file looks like with variables changed.
<security-constraint> <display-name>Cims Login Security</display-name> <web-resource-collection> <web-resource-name>Login Protected Area</web-resource-name> < !-- Define the context-relative URL(s) to be protected --> <url-pattern>/secure/*</url-pattern> < !-- If you list http methods, only those methods are protected --> </web-resource-collection> <auth-constraint> < !-- Anyone with one of the listed roles may access this area --> <role-name>test</role-name> </auth-constraint>