[Fwd: Question for how to setup tomcat realm with jsf/tiles]

Fri, 19 May 2006 12:12:39 -0700 

Hi experts
I switched from commandLink to outputLink, then it started getting a login popup windows as it was supposed to do so. Then, when a user successfully logged in and accessed the page [/maintanance/index.html], got 403 access denied error from tomcat. 

Could someone advsie me what could be wrong here ?
When I remove <url-pattern> element from web.xml, it works fine.

Thanks,
yasushi

== outputLink ==
<h:outputLink  value="maintenance/index.html" title="#{msgs.maintenance}" >
               <h:outputText value="#{msgs.maintenance}" />
</h:outputLink>

== web.xml ==
<security-constraint>
   <web-resource-collection>
     <web-resource-name>
       Maintenance Tools
     </web-resource-name>
     <url-pattern>/maintenance/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
     <role-name>memeber</role-name>
   </auth-constraint>
 </security-constraint>
 <!-- Define the Login Configuration for this Application -->
 <login-config>
   <auth-method>BASIC</auth-method>
   <realm-name>Members-only Area</realm-name>
 </login-config>

   <!-- Security roles referenced by this web application -->
 <security-role>
   <description>
     The role that is required to log in to the Admin Application
   </description>
   <role-name>member</role-name>
 </security-role>


--- Begin Message ---

Hi, experts


I am trying to configure a very basic memoryRealm on tomcat with 
myfaces/tiles.



I have setup security-constrains in web.xml as follows. 
In face-config.xml, I setup a navigation rule, so that a user will be 
taken to /maintenance/index.html by clicking the commandLink.
But tomcat realm is not recognizing url-pattern [/maintenance/*] defined 
in web.xml at all. 


Could someone advise me how to work with tomcat realm + jsf ?

thanks,
yasushi

=== web.xml ===
<security-constraint>
   <web-resource-collection>
     <web-resource-name>
       Maintenance Tools
     </web-resource-name>
     <url-pattern>/maintenance/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
     <role-name>memeber</role-name>
   </auth-constraint>
 </security-constraint>
 <!-- Define the Login Configuration for this Application -->
 <login-config>
   <auth-method>BASIC</auth-method>
   <realm-name>Members-only Area</realm-name>
 </login-config>

   <!-- Security roles referenced by this web application -->
 <security-role>
   <description>
     The role that is required to log in to the Admin Application
   </description>
   <role-name>member</role-name>
 </security-role>

== face-config.xml ===
<navigation-case>
        <from-outcome>nav_adminPage</from-outcome>
        <to-view-id>/maintenance/index.html</to-view-id>
</navigation-case>



--- End Message ---














    











					Reply via email to