You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Kannan Shastri <k....@gmail.com> on 2005/03/10 12:30:44 UTC

Tomcat auth problem

Hi ,

 I am facing a very peculiar problem..I have configured my web-app to
use form-based auth and it is working fine, except when I give the
complete URL of a JSP pafe inside a restricted area, it allows me
access without redirecting to the login page.

I have in my web.xml something like..

<security-constraint>
               <display-name>agentHome</display-name>
               <web-resource-collection>
                       <web-resource-name>agentHome</web-resource-name>
                       <description>Agent Home Applicaiton</description>
                       <url-pattern>
                       /index.jsp</url-pattern>
                       <url-pattern>/agentHome/*</url-pattern>
                       <url-pattern>/lob/*</url-pattern>
                       <url-pattern>/lob/term/*</url-pattern>
                       <http-method>
                       GET</http-method>
                       <http-method>
                       POST</http-method>
               </web-resource-collection>
               <auth-constraint>
                       <description></description>
                       <role-name>appAgentHome</role-name>
               </auth-constraint>
       </security-constraint>

But when i type the URL http://localhost:8080/nbpapps/faces/lob/term/ABC.jsp
it takes me directly to the page.
But on one machine in the network, it behaves OK and redirects me to
the login page...

Any idea what the problem could be?

Regards,

Kannan

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org