Apologies re the duplicate posting; email trouble with my ISP.
Relevant part of web.xml reads:
<security-constraint>
<display-name>Security Constraint</display-name>
<web-resource-collection>
<web-resource-name/>
<description/>
<url-pattern>/login</url-pattern>
</web-resource-collection>
<!--auth-constraint>
<role-name>USER</role-name>
<role-name>ADMIN</role-name>
</auth-constraint-->
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/security/protected/login.jsp</form-login-page>
<form-error-page>/jsp/security/protected/error.jsp</form-error-page>
</form-login-config>
</login-config>
At the moment I am trying things manually by checking the user table
regardless of Tomcat but is this necessary?
-----Original Message-----
From: Pid [mailto:p...@pidster.com]
Sent: 23 Sep 2010 12 57
To: Tomcat Users List
Subject: Re: Use of error page in Tomcat
On 23/09/2010 12:22, Martin O'Shea wrote:
> Hello
>
> I have a /myApp/displayDatasetPage which is used to display content.
> In this page, I incorporate the default Tomcat login code as follows:
>
> <div id = "login">
> <form action='<%= response.encodeURL("/myApp/loginPage")
%>'
> method = "post">
> <table border = "0">
Tables for layout. How very 1997.
> <tr>
> <th align = "right">Username</th>
> <td align = "left"><input type = "text"
> name = "userName"></td>
> </tr>
> <tr>
> <th align = "right">Password</th>
> <td align = "left"><input type =
> "password" name = "password"></td>
> </tr>
> <tr>
> <td align = "right"><input type = "submit"
> value = "Log In"></td>
> <td align = "left"><input type = "reset"></td>
> </tr>
> </table>
> </form>
> </div>
How is this 'the default Tomcat logic code'?
> And path /myApp/loginPage is protected in web.xml.
How is it protected in web.xml?
> This seems to be alright
> but if a user doesn't enter login details, or enters incorrect login
> details, and then presses 'Log in' the page simply reloads. I am
> assuming that this is because I have no login error page working
> alongside use /myApp/displayDatasetPage to catch login exceptions.
You tell us. You haven't posted your web.xml, so we can't know.
> Is it possible to use /myApp/displayDatasetPage to display login
> errors? Or can anyone say tell me if I catch Tomcat's login
> verification process to do this?
If you're using the Servlet Specification container managed authentication
mechanism, it's possible. It doesn't look like you are though.
If you've written your own login component, you can of course make that
happen too.
> Thanks
>
> Mr Morgan.
Are you Martin O'Shea or Mr Morgan? I'm confused.
p
P.S. Please send one message to the list and then wait for a response.
Two messages in 30 mins is a little pushy.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
