security-constraint for the Mine main page

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

security-constraint for the Mine main page

Pengcheng Yang
Dear InterMiners,

I don't know whether it is suitable to ask the question here. After
testing for a while with the guides from the web, I failed to implement
this feature.

I want to control some specific pages that still in developing stage
only acceptable to some specific users through tomcat
"security-constraint". I have performed the following test. However,
when I visit the link of "project/WEB-INF/test/index.html", the message
said "HTTP Status 403 – Forbidden", and the expected login window
doesn't appear.

Could anyone help me out?

Thank you and best,

Pengcheng Yang

=================== my implementation of the

1. added the following content to the

       <display-name>Example Security Constraint</display-name>
       <web-resource-name>my example</web-resource-name>


     <realm-name>Example Form-Based Authentication Area</realm-name>

     The role that is required to log into the sample application

2. the content of file /WEB-INF/login3.html

                 <title>Login Page</title>
         <h2>Hello, please log in:</h2>
         <form action="j_security_check" method=post>
                 <p><strong>Please Enter Your User Name: </strong>
                 <input type="text" name="j_username" size="25">
                 <p><p><strong>Please Enter Your Password: </strong>
                 <input type="password" size="15" name="j_password">
                 <input type="submit" value="Submit">
                 <input type="reset" value="Reset">

3. the content of file /WEB-INF/loginerror.html

                 <title>Login Error</title>
         <c:url var="url" value="/WEB-INF/test/index.html "/>
         <h2>Invalid user name or password.</h2>
         <p>Please enter a user name or password that is authorized to
access this
         application. For this application, this means a user that has
been created in the
         <code>file</code> realm and has been assigned to the
<em>group</em> of
         <code>TutorialUser</code>.  Click here to <a href="${url}">Try

dev mailing list
[hidden email]