I made all this steps but it's not a problem that orion doesn't protect the
resourses but
don't forward me to login page. It's print java.lang.SecurityException.
Page in which I include protected page isn't protected becouse it's common
for different roles.
Orion checks the roles I knew that becouse I have dynamic menu that is built
for different roles.
> Milosz,
>
> We need a little bit more information to help you. Here are the minimum
> steps to use login/usersecurity:
>
> 1. protect the web resource in the web.xml, or the enterprise resource in
> the ejb-jar.xml.
> 2. write a jsp or html file with the j2ee security action.
> 3. enter data for the user/password and security-role/group mapping in the
> principals.xml file, databank, or other usermanager repository.
>
> Here is an example:
>
> The web.xml configuration file:
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>unnamed</web-resource-name>
> <url-pattern>/admin/*</url-pattern>
> <http-method>*</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>administrators</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/adminlogin.html</form-login-page>
> <form-error-page>/adminlogin.html</form-error-page>
> </form-login-config>
> </login-config>
> <security-role>
> <role-name>administrators</role-name>
> </security-role>
>
> You establish the login page with the j2ee security action
j_security_check
> (usually not necessary), j_username, j_password:
>
> <html>
> <head>
> <title>Administrative Login</title>
> </head>
> <LINK REL="stylesheet" TYPE="text/css" HREF="/css/stylesheet.css">
> <body MARGINHEIGHT="0" MARGINWIDTH="0" text="#000000" link="#003366"
> alink="#ff6600" vlink="#003366" bgcolor="#ffffff" leftmargin="0"
> RIGHTMARGIN="0" topmargin="0">
> <form name="login" method="POST" >
>
> <TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0>
> <tr><td height="150" colspan="4" bgcolor="#000099"></td></tr>
> <TR><td width="200" bgcolor="#000099"></td><TD>
> <p>Login:</p>
> </TD><TD>
> <input name="j_username" type="text" size=20>
> </TD><td width="50%" bgcolor="#000099"></TR>
> <TR><td width="200" bgcolor="#000099"></td><TD>
> Password:
> </TD><TD>
> <input name="j_password" type="password" size=20>
> </TD><td width="50%" bgcolor="#000099"></td></TR>
> <TR><td width="200" bgcolor="#000099"></td><TD>
> <input type="submit" value="SUBMIT">
> </TD><td bgcolor="#000099"></td><td width="50%"
> bgcolor="#000099"></td></TR>
> </table>
>
> </form>
> </body>
> </html>
>
> You establish the login/password data in the principals.xml file, or use
> datasourceusermanager, or ejbusermanager to verify your users.
>
> Regards,
>
> the elephantwalker
>
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Miłosz Witkowski
> Sent: Friday, July 06, 2001 1:35 AM
> To: Orion-Interest
> Subject: Security exception.
>
>
> I have problem with security exception when i try to include page which
is
> protected.
> Errors are printed on the page. I don't whant it. I want to forward myself
> to login page.
> I was trying to nest include by try block but it dosn't help. Does anybody
> know what should
> I do?
>
> Thanks in advance
>
> Milosz Witkowski
>
>
