I am using struts with iAS sp3.
I am sending all urls through my action servlet with the following mapping:
<servlet-mapping>
<servlet-name>action</servlet-name>
<url-pattern>*.do</url-pattern>
</servlet-mapping>
And I'm protecting this with the following security-constraint:
<web-resource-collection>
<web-resource-name>LDAPSecurity</web-resource-name>
<description>LDAP-controlled Security</description>
<url-pattern>*.do</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
The problem I'm facing is that I get a 403 Unauthorized error and I never
get directed to my formLogin.jsp (which is a registered JSP), and it never
kicks off FormAuthServlet.
I tried changing <url-pattern> to "/.do", and then it kicks off
FormAuthServlet, but then I get an error that "user formLogin.jsp" is not
logged in, while accessing application <appName>.
I've noticed that if I leave the pattern as *.do, and I go into kregedit and
add the value "/timetracker/*.do=FORM" to the following key:
SOFTWARE\iPlanet\Application Server\6.0\CCS0\HTTPAPI\SecUrlTrans
it works as I would expect it to. "timetracker*do=FORM" is already a value
in this key.
Any ideas?? Does anyone know how to get this key to set both values, or do
I always have to "hack it" to make it work like I want?
Thanks,
Matt
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
