Java Forum

CONTAINER MANAGED SECURITY PROBLEM

Asked By: Ashan Date: Mar 09 Category: Java Views: 657

i am using container managed security for securing my web app.
i have a jdbc realm in my server.xml and some defined roles in my
web.xml,so far every thing is okay,problem is here:
i want to use BASIC authentication approach,and not FORM
authentication,but i don't know where should i introduce my
error page such that my error page is substituted with default
container error page,it is noticeable that i don't wanna use FORM
authentication approach.

2 Answers Found

Answer #1 Answered By: Hoor Khan Answered On: Mar 09

You could use this tag into web.xml for example :


<web-app>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name> 
        Protected Site 
      </web-resource-name>
      <!-- This would protect the entire site -->
      <url-pattern> /* </url-pattern>
      <!-- If you list http methods, 
            only those methods are protected -->
      <http-method> DELETE </http-method>
      <http-method> GET </http-method>
      <http-method> POST </http-method>
      <http-method> PUT </http-method>
    </web-resource-collection>
   <auth-constraint>
     <!-- role-name indicates roles that are allowed
       to access the web  resource specified above -->

 <role-name>tomcat</role-name>
     <role-name>role1</role-name>
   </auth-constraint>
 </security-constraint>

  <!-- BASIC authentication  -->
  <login-config>
    <auth-method> BASIC </auth-method>
    <realm-name> Example Basic Authentication </realm-name>
  </login-config>
 </web-app>
and then you should define role in tomcat in this address : 
TOMCAT_HOME/conf/tomcat-users.xml


tags are : 
<tomcat-users>
 <user name="tomcat" password="tomcat" roles="tomcat" />
 <user name="role1" password="tomcat" roles="role1" />
 <user name="both"  password="tomcat" roles="tomcat,role1" />
</tomcat-users>

Answer #2 Answered By: Hugo Williams Answered On: Mar 09

Just add the following line after your <welcome-file-list> tag in your web.xml file:


<error-page>

        <error-code>403</error-code>

        <location>/errorPage.jsp</location>

</error-page>

Didn't find what you were looking for? Find more on CONTAINER MANAGED SECURITY PROBLEM Or get search suggestion and latest updates.

Your Answer

Please login to post answer

Tagged:container managed security problem

Previous Post:

running a java program on 486 platform

Next Post:

Connect to oracle

A problem in container-managed relationships

Problem Description The XYZ retail outlet manages its entire inventory using a text file "inven

Calculating the no. of containers

container error

open source portlet 2 container and portal

using jsp as a container for java bean

JSP container cannot find my servlets

Exception in thread "main" java.lang.NullPointerException at java.awt.Container.addImpl(Contain

get reference to container class

Security problem

Managing tags

Password that user can manage

Connecting to Managed Services via ExcelVBA

Troubles with Ubuntu shortcut menu that doesn't manage URIs anymore

Managed to delete Windows live search

JMX to manage your application

Managed C++ webservice synchronous call handled asynchronously

Managed to install WattOS, an Ubuntu derivative on a 2 GB JetFlash

Flash Player Security risk

Updates and security issues

Security and Boot Options

WPA security for wifi?

wireless security settings

Security at any Level

Security

RSS Feeds:	Articles \| Forum \| New Users \| Activities \| Interview FAQ \| Poll \| Hotlinks
Social Networking:	Hall of Fame \| Facebook \| Twitter \| LinkedIn
Terms:	Terms of Use \| Privacy Policy \| Contact us

Java Forum

CONTAINER MANAGED SECURITY PROBLEM

2 Answers Found

Your Answer

Related Post