Ah, you are 100% correct! I guess perhaps I've set my directory structure incorrect then.
Currently, i have /img/ /css/ /js/ /web-inf/ /web-inf/tld /web-inf/jsp /web-inf/classes /web-inf/lib etc. but since no one could reach anything in the web-inf, i figure that would do. Is there a way to do an exclusion? or should i modify my jsp directory? thanks for your help! Junos On Tue, Jul 29, 2008 at 2:49 PM, Felix Schumacher < [EMAIL PROTECTED]> wrote: > Am Dienstag, den 29.07.2008, 13:44 -0400 schrieb Jerry Atrick: > > OK, a bit more info. > > > > I might have set up my tomcat incorrectly, tho I'm not entirely sure why. > > > > In my login.jsp file, I have a simple image > > > > <div id="logo"><img src="<c:url value='/img/logo.gif' />" /></div> > > > > which when I try to login, the source is: > > > > <div id="logo"><img src="/myapp/img/logo.gif" /></div> > > > > which is what I expect. > > > > The problem is, I can't actually view the logo.gif file > You have configured your aplication to protect everything > (<url-pattern>/*</url-pattern>). > That will include /img/logo.gif and /css/site.css. > Maybe you could protect an admin or non public area only? > > HTH > Felix > > > > this is a basic login page: > > > > [code] > > <html xmlns="http://www.w3.org/1999/xhtml";> > > <head> > > <title> > > PAC - Applications > > </title> > > </head> > > > > <body> > > > > <div id="header"> > > <div id="logo"><img src="<c:url value='/img/logo.gif'/>"/></div> > > <div> > > <form method="POST" action="j_security_check"> > > <input type="text" name="j_username"> > > <input type="password" name="j_password"> > > <input type="submit" name="login" value="login"> > > </form> > > </body> > > </html> > > [/code] > > > > > > again, like before, I can login sucessfully, but it redirects me to > whatever > > the image that doesn't show up (so the logo.gif file). When I redirect > > myself manually to a correct url, i have all the correct permissions. > > > > Is there something I"m missing here? > > > > Even more weird? -> > > > > say I remove the offending line. But say I replay it with a > > > > <link rel="stylesheet" href="<c:url value="/css/site.css" />" > > type="text/css" /> > > > > at the top of my head. > > > > When I attempt to login, the site.css file is not loaded. But when I > login, > > it attempts to redirect and dumps the actual site.css file to the > browser. > > > > config problem?? > > > > > > Junos > > > > On Mon, Jul 28, 2008 at 5:14 PM, Jerry Atrick <[EMAIL PROTECTED]> wrote: > > > > > > When attempting to log into a standard form-based login field, I'm > always > > redirected to an image folder. > > > > > > My folder layout: > > > /img > > > /web-inf/ > > > /web-inf/web.xml > > > /index.jsp > > > /login.jsp > > > /error.jsp > > > > > > setup: > > > Spring2.5/tiles2/tomcat5.5 > > > > > > in my web.xml: > > > [code] > > > <security-constraint> > > > <display-name>Security Constraint</display-name> > > > <web-resource-collection> > > > <web-resource-name>Protected Pages</web-resource-name> > > > <url-pattern>/*</url-pattern> > > > <http-method>GET</http-method> > > > <http-method>POST</http-method> > > > </web-resource-collection> > > > <auth-constraint> > > > <role-name>myAdmin</role-name> > > > </auth-constraint> > > > </security-constraint> > > > > > > <login-config> > > > <auth-method>FORM</auth-method> > > > <form-login-config> > > > <form-login-page>/login.jsp</form-login-page> > > > <form-error-page>/error.jsp</form-error-page> > > > </form-login-config> > > > </login-config> > > > [/code] > > > > > > pretty standard stuff. If you want to see any of the other code, just > > ask... > > > > > > What happens: > > > 1. I attempt to go to a url > > > 2. It properly stops me and asks me to login > > > 3. I enter user credentials and hit login > > > 4. It sucessfully logins. > > > 5. It redirects me to /img/myimage.gif > > > > > > every time. > > > > > > I know that the login works fine, as when I fix my url to the url i was > > originally at, everything is correctly authenticated. Is there a way to > set > > a default url when you attempt to login? > > > Anyone else get a similar problem before? > > > > > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
