You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Freddy Villalba A." <fv...@pericless.com> on 2004/11/12 18:44:12 UTC

Declarative security example

Hello everybody,

I'm trying to run the following test application on a Tomcat v4.1 that comes
along with JBuilder X.

<web-app>
  <servlet>
    <servlet-name>SecureServlet</servlet-name>
    <servlet-class>SecureServlet</servlet-class>
  </servlet>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>prueba de seguridad declarativa</web-resource-name>
      <url-pattern>/servlet/SecureServlet</url-pattern>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>supervisor</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/formlogin.html</form-login-page>
      <form-error-page>/formerror.html</form-error-page>
    </form-login-config>
  </login-config>
  <security-role>
    <role-name>supervisor</role-name>
  </security-role>
</web-app>

When I launch the server, it is not able to initialize the web app. This is
the trace I get from Tomcat:

12-nov-2004 18:30:05 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on port 8080
Starting service Tomcat-Standalone
Apache Tomcat/4.1.27-LE-jdk14
HostConfig[localhost]: Deploying configuration descriptor jb-cursoj2ee.xml
WebappLoader[/cursoj2ee]: Deploying class repositories to work directory
C:\cursoj2ee\seguridadDeclarativa\seguridadDeclarativa\Tomcat\work\cursoj2ee
WebappLoader[/cursoj2ee]: Deploy class files /WEB-INF/classes to
C:\cursoj2ee\seguridadDeclarativa\seguridadDeclarativa\modulo1\WEB-INF\class
es
WebappLoader[/cursoj2ee]: Reloading checks are enabled for this Context
ContextConfig[/cursoj2ee]: No Realm has been configured to authenticate
against
ContextConfig[/cursoj2ee]: Marking this application unavailable due to
previous error(s)
StandardManager[/cursoj2ee]: Seeding random number generator class
java.security.SecureRandom
StandardManager[/cursoj2ee]: Seeding of random number generator has been
completed
StandardContext[/cursoj2ee]: Context startup failed due to previous errors
12-nov-2004 18:30:07 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on port 8080

It seems like I've got to define some realm on Tomcat in order for this
silly example to work. However, I've read (Sun's material) this example
should be straightforward, just deploy the webapp anywhere and run, without
defining anything particular to the servlet container.

What am I missing? Am I required to define a realm in order for it to work?

Thanx everybody,
F.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org