You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Whitby <ug...@cs.bham.ac.uk> on 2006/02/17 16:55:34 UTC
Problems with web.xml file
Hi there,
I've set up a basic web.xml file to test that my ssl connection is working fine for the specified pages to be protected in this way and to test to see if my custom 404 error page works fine.
I've got the certificate for my SSL page working fine and I've tested it before, but since I've customised the web.xml file I just keep getting the generic error page. I don't even get the error page I've set in my web.xml file.
I'm using Tomcat 5.5.15 and jdk 1.5.0_05 so it's all the latest installations. My web.xml fille and the relevant part from my server.xml file are attached. If anyone can tell me why the error-page and security-constraint tags aren't working I'd be very grateful.
Many thanks
Mark Whitby
Web.xml file:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<!--
Specifies the first page that users will come to in the system
-->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!--
Specifies the error page that will occur for 404 errors
-->
<error-page>
<error-code>404</error-code>
<location>error.jsp</location>
</error-page>
<!--
Specifies the security area within the system
-->
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<user-data-contraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
<user-data-contraint>
</security-constraint>
</web-app>
server.xml file
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
<!-- Note : To disable connection timeouts, set connectionTimeout value
to 0 -->
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="D:\FYPCode\keystore" keystorePass="......." />
Re: Problems with web.xml file
Posted by Dhaval Patel <dh...@yahoo.com>.
Hi Mark,
What kind of error do you get? 404? Is there any exception on catalina.out?
Try this:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Regards,
D
--- Mark Whitby <ug...@cs.bham.ac.uk> wrote:
> Just to update you on this problem, I've now got the error page working (I
> needed /error.jsp and not just error.jsp) but I am still having problems
> with the <security-constraint> tag. When I try to use this I end up with
> the generic Tomcat 404 error page and can't load up a single page. Once I
> comment this out everything works fine. Any ideas why?
>
> Mark
>
>
> ----- Original Message -----
> From: "Mark Whitby" <ug...@cs.bham.ac.uk>
> To: "Tomcat Users List" <us...@tomcat.apache.org>
> Sent: Friday, February 17, 2006 3:55 PM
> Subject: Problems with web.xml file
>
>
> Hi there,
>
> I've set up a basic web.xml file to test that my ssl connection is working
> fine for the specified pages to be protected in this way and to test to see
> if my custom 404 error page works fine.
>
> I've got the certificate for my SSL page working fine and I've tested it
> before, but since I've customised the web.xml file I just keep getting the
> generic error page. I don't even get the error page I've set in my web.xml
> file.
>
> I'm using Tomcat 5.5.15 and jdk 1.5.0_05 so it's all the latest
> installations. My web.xml fille and the relevant part from my server.xml
> file are attached. If anyone can tell me why the error-page and
> security-constraint tags aren't working I'd be very grateful.
>
> Many thanks
>
> Mark Whitby
>
>
> Web.xml file:
>
> <?xml version="1.0" encoding="ISO-8859-1"?>
>
> <!DOCTYPE web-app PUBLIC
> "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
> "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
>
> <web-app>
>
> <!--
> Specifies the first page that users will come to in the system
> -->
> <welcome-file-list>
> <welcome-file>index.jsp</welcome-file>
> </welcome-file-list>
>
> <!--
> Specifies the error page that will occur for 404 errors
> -->
>
> <error-page>
> <error-code>404</error-code>
> <location>error.jsp</location>
> </error-page>
>
>
> <!--
> Specifies the security area within the system
> -->
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Secure</web-resource-name>
> <url-pattern>/secure/*</url-pattern>
> </web-resource-collection>
> <user-data-contraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> <user-data-contraint>
> </security-constraint>
>
>
> </web-app>
>
> server.xml file
>
> <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
> <Connector
> port="8080" maxHttpHeaderSize="8192"
> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" redirectPort="8443" acceptCount="100"
> connectionTimeout="20000" disableUploadTimeout="true" />
> <!-- Note : To disable connection timeouts, set connectionTimeout value
> to 0 -->
>
> <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
>
> <Connector port="8443" maxHttpHeaderSize="8192"
> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS"
> keystoreFile="D:\FYPCode\keystore" keystorePass="......." />
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Problems with web.xml file
Posted by Mark Whitby <ug...@cs.bham.ac.uk>.
Just to update you on this problem, I've now got the error page working (I
needed /error.jsp and not just error.jsp) but I am still having problems
with the <security-constraint> tag. When I try to use this I end up with
the generic Tomcat 404 error page and can't load up a single page. Once I
comment this out everything works fine. Any ideas why?
Mark
----- Original Message -----
From: "Mark Whitby" <ug...@cs.bham.ac.uk>
To: "Tomcat Users List" <us...@tomcat.apache.org>
Sent: Friday, February 17, 2006 3:55 PM
Subject: Problems with web.xml file
Hi there,
I've set up a basic web.xml file to test that my ssl connection is working
fine for the specified pages to be protected in this way and to test to see
if my custom 404 error page works fine.
I've got the certificate for my SSL page working fine and I've tested it
before, but since I've customised the web.xml file I just keep getting the
generic error page. I don't even get the error page I've set in my web.xml
file.
I'm using Tomcat 5.5.15 and jdk 1.5.0_05 so it's all the latest
installations. My web.xml fille and the relevant part from my server.xml
file are attached. If anyone can tell me why the error-page and
security-constraint tags aren't working I'd be very grateful.
Many thanks
Mark Whitby
Web.xml file:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<!--
Specifies the first page that users will come to in the system
-->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!--
Specifies the error page that will occur for 404 errors
-->
<error-page>
<error-code>404</error-code>
<location>error.jsp</location>
</error-page>
<!--
Specifies the security area within the system
-->
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<user-data-contraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
<user-data-contraint>
</security-constraint>
</web-app>
server.xml file
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
<!-- Note : To disable connection timeouts, set connectionTimeout value
to 0 -->
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:\FYPCode\keystore" keystorePass="......." />
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org