[jira] Commented: (PLUTO-131) Login link in portal is broken

["David DeWolf (JIRA)" <pl...@jakarta.apache.org>]

    [ http://issues.apache.org/jira/browse/PLUTO-131?page=comments#action_12316563 ] 

David DeWolf commented on PLUTO-131:
------------------------------------

1) The secure directory structure does not exist phisically, however it is mapped in the web.xml so it is correct.

2) The transport gauruntee was added to resolve an issue that was related to url rendering in the portal.  The ideal way to fix this would be to secure an entirely different section portal configuration that does not require the garuntee, however, at the moment the castor mappings still don't allow multiple security constraints (ugh!).


Final result should be
/portal -- mapped to unsecured portal
/privileged - mapped to secure portal -- used as the login link
/secure - mapped to a secured and garunteed portal

> Login link in portal is broken
> ------------------------------
>
>          Key: PLUTO-131
>          URL: http://issues.apache.org/jira/browse/PLUTO-131
>      Project: Pluto
>         Type: Bug
>   Components: portal driver
>     Versions: 1.0.1-rc3
>  Environment: Portal driver deployed in Tomcat
>     Reporter: Craig Doremus
>     Assignee: David DeWolf

>
> The 'Login' link on the top right of the portal and generated in /WEB-INF/aggregation/Banner.jsp is broken. This issue appears to stem from the transport-guaranteed element in web.xml, which is set to CONFIDENTIAL. This setting is interpreted by Tomcat to require SSL to be enabled, which is not by default. 
> Also, according to web.xml, the security-constraint is trying to protect a 'secure' directory structure, which does not currently exist in the Pluto portal.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira