Re: Java Application

From:

=?windows-1252?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk>

Newsgroups:

comp.lang.java.programmer

Date:

Mon, 25 Feb 2013 21:52:23 -0500

Message-ID:

<512c2368$0$287$14726298@news.sunsite.dk>

On 2/25/2013 11:49 AM, Scott wrote:

I am trying to create a web application called hotdotcom. It is an
example from Hall?s Core Servlets and JavaServer Pages Volume 2:
Advanced Technologies - Second Edition. It is found in Chapter 3:
Declarative Security ? 3.1 Form-Based Authentication.

The web application uses container-managed security: From-based. The
web.xml is below. I am running Tomcat 3.3.1 on my PC. When I click a
protected URL I receive the login form just fine, but when I fill it out
I am always sent to my login-error.jsp page. I have added four users to
Tomcat?s <install_dir>conf/tomcat-users.xml file. (Also below)

I receive the following statement in the Tomcat log:
2013-02-25 08:30:22 - Http10Interceptor: Starting on 8080
2013-02-25 08:30:22 - Ajp12Interceptor: Starting on 8007
2013-02-25 08:30:22 - Ajp13Interceptor: Starting on 8009
EmbededTomcat: Startup time 56
2013-02-25 08:31:46 - SessionIdGenerator: Created random class java.security.Sec
ureRandom
2013-02-25 08:31:59 - Ctx(/hotdotcom) : From login without a session

You should have a lot more log in the two log files produced by Tomcat.

tomcat-users.xml
<tomcat-users>


   <role rolename="registered-user" />
   <role rolename="administrator" />

   <user name="john" password="nhoj" roles="registered-user" />
   <user name="jane" password="enaj" roles="registered-user" />
   <user name="juan" password="nauj" roles="administrator" />
   <user name="juana" password="anauj" roles="administrator,registered-user" />



   <user name="tomcat" password="tomcat" roles="tomcat" />
   <user name="role1" password="tomcat" roles="role1" />
   <user name="both" password="tomcat" roles="tomcat,role1" />
</tomcat-users>

I am wondering whether the reference to two not defined
roles may cause problems.

Could you try fix that?

Arne