Re: Tomcat and jsecurity help
OK I have been doing some work on this and I saw that my url is always the same, so that might be why Im not getting the results I want. The url in the browser is always something like: http://localhost:8080/MedPro/servlet/SvMedPro It should be something more like http://localhost:8080/MedPro/JSP/Comun/index.jsp or something like it isnt? Or it dosent matter and url are handled internally? Thanks ! -- View this message in context: http://www.nabble.com/Tomcat-and-jsecurity-help-tp21671743p21692875.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat and jsecurity help
Dosent seem to work, my idea is to have a common folder where everybody could go, and other 3 where just authorized people can see the jsp. Thats why you see 4 different security-constrain tags. Everybody should login no matter what. I think one of the problems is that how do I tell the app where to go once the user has authenticated?. Here is the realm The realm works as far as I know. Thanks a lot for your help -- View this message in context: http://www.nabble.com/Tomcat-and-jsecurity-help-tp21671743p21683095.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Tomcat and jsecurity help
Im trying to make tomcat work with my jsecurity setup but Im having some problems. My jsp's are in different folders to make them more organized in sake of security. So I have a main folder called JSP with 3 subfolders in it. So I have 3 tags setup depending on the folder I want to access so I have something like: Comun accessible by authenticated users of the DB role /JSP/Comun/* GET POST PUT DELETE Este rol tiene accesso limitado manager Administracion Gerencia Medico CONFIDENTIAL Admin accessible by authenticated users of the DB role /JSP/Admin/* GET POST PUT DELETE Este rol tiene accesso limitado Administracion CONFIDENTIAL But this dosent seem to work, first of all the login page is not displayed and everyone seems to have access to the whole app. The if I try MedPro accessible by authenticated users of the DB role /* GET POST PUT DELETE Este rol tiene accesso ilimitado manager CONFIDENTIAL Then I get the login page but only the manager can access, and the rest cant. How can I make it work? Thanks. I have attached a file in case you want to see it more clearly. http://www.nabble.com/file/p21671743/sample.xml sample.xml -- View this message in context: http://www.nabble.com/Tomcat-and-jsecurity-help-tp21671743p21671743.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org