Hi, If I enable the snippet below I can access my Web Services but if I call a JSP I'm facing a weird error.
Using BASIC-auth-method I can sign-in and I'm being forwarded to the appropriate page, but the JSP-expressions within this page are not evaluated ("Hello ${user.name}"). With FORM-auth-method I will be forwarded to a page <called-url>/$%7Burl%7D. So the problem seems to be the same. I have a simple web-application which manages some data and allows anybody to get this data via Web Services (JAX-RPC). Only Admins should modify data with JSPs, so I would like to use the built-in security-constraint of tomcat. Thanks for your help in advance. -- Tobias <web-app> [...] <security-constraint> <web-resource-collection> <web-resource-name>AdminPages</web-resource-name> <url-pattern>/pages/*</url-pattern> <url-pattern>/faces/*</url-pattern> <url-pattern>/services/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>admin</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/pages/logon.jsp</form-login-page> <form-error-page>/pages/logonerr.jsp</form-error-page> </form-login-config> </login-config> [...] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]