Hi,
I've been using versions 4.0 and 4.1.3 with a security constraint with no
problems.
However, when I added info in my server.xml file to try and attempt DBCP, I get
a warning in my logs about something being defined in in an auth-constraint
without being in a security role. Maybe not too big a deal.
However, ever since I added the Resource Name and Params for the DBCP, I don't
get challenged on the form to enter the "password protected" area, which in
turn causes some other errors.
Does anyone know why adding that bit of configuration to the server.xml file
would render the security constraint inoperable?
I'm open to feedback, let me know if more info's needed.
Thanks!
I've actually got the security constraint configured properly, as it's worked
before with no issues.:
----------------------------------------------------------------------------------------------------------------------------------
<security-constraint>
<web-resource-collection>
<web-resource-name>Change Control Protected
Area</web-resource-name>
<!-- Protect all files in the /murach/chngctrl/admin directory -->
<url-pattern>/chngctrl/admin/*</url-pattern>
<url-pattern>/chngctrl/change_ctrl_admin4.jsp</url-pattern>
<url-pattern>/chngctrl/chg_ctrl_adm_vote.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Users in the service and admin roles can access the admin dir
added several to match Change ctrl categs-->
<role-name>service</role-name>
<role-name>admin</role-name>
<role-name>comply</role-name>
<role-name>ops</role-name>
<role-name>legal</role-name>
<role-name>risk</role-name>
</auth-constraint>
</security-constraint>
--------------------------------------------------------------------------------------------------------
Here's the log info:
2007-02-21 16:28:02 HostConfig[localhost]: Deploying web application directory
murach
2007-02-21 16:28:02 StandardHost[localhost]: Installing web application at
context path /murach from URL file:C:\jakarta-tomcat-4.1.31\webapps\murach
2007-02-21 16:28:02 WebappLoader[/murach]: Deploying class repositories to work
directory C:\jakarta-tomcat-4.1.31\work\Standalone\localhost\murach
2007-02-21 16:28:02 WebappLoader[/murach]: Deploy class files /WEB-INF/classes
to C:\jakarta-tomcat-4.1.31\webapps\murach\WEB-INF\classes
2007-02-21 16:28:02 WebappLoader[/murach]: Deploy JAR
/WEB-INF/lib/mm.mysql-2.0.8-bin.jar to
C:\jakarta-tomcat-4.1.31\webapps\murach\WEB-INF\lib\mm.mysql-2.0.8-bin.jar
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name service
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name admin
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name comply
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name ops
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name legal
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: WARNING: Security role name risk
used in an <auth-constraint> without being defined in a <security-role>
2007-02-21 16:28:02 ContextConfig[/murach]: Configured an authenticator for
method FORM
2007-02-21 16:28:02 StandardManager[/murach]: Seeding random number generator
class java.security.SecureRandom
2007-02-21 16:28:02 StandardManager[/murach]: Seeding of random number
generator has been completed
2007-02-21 16:28:02 StandardWrapper[/murach:default]: Loading container servlet
default
2007-02-21 16:28:02 default: init
2007-02-21 16:28:02 StandardWrapper[/murach:invoker]: Loading container servlet
invoker
2007-02-21 16:28:02 invoker: init
2007-02-21 16:28:02 jsp: init
2007-02-21 16:28:02 HostConfig[localhost]: Deploying web application directory
ROOT
-------------------------------------------------------------------------------------------------------------------------
