iaragorn
Technical User
- Jul 24, 2008
- 1
ello all
I am trying using FORM authentication in web application. I'm using netbeans 6.1 and apache tomcat 6.0.16.
Here is instructions which I made:
I edit ~apache-tomcat-6.0.14\conf\tomcat-users.xml file, i put there:
<tomcat-users>
<role rolename="admin"/>
<role rolename="tomcat"/>
<role rolename="role5"/>
<user username="peter" password="peter" roles="role5"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="admin" password="admin" roles="admin"/>
</tomcat-users>
Then I put following in my web.xml(in my application)
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Then I add files (login.jsp and error.jsp) to my project from
~\apache-tomcat-6.0.14\webapps\examples\jsp\security\protected
and finally add following agai nto the web.xml
<security-role>
<role-name>role5</role-name>
</security-role>
<security-role>
<role-name>tomcat</role-name>
</security-role>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>role5</role-name>
<role-name>tomcat</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
and that's it.
Then I have tried run my app, login page displays, but every username and password is returning following:
Invalid username and/or password, please try again.
Do you have idea where is the problem?
Thanks a lot
I am trying using FORM authentication in web application. I'm using netbeans 6.1 and apache tomcat 6.0.16.
Here is instructions which I made:
I edit ~apache-tomcat-6.0.14\conf\tomcat-users.xml file, i put there:
<tomcat-users>
<role rolename="admin"/>
<role rolename="tomcat"/>
<role rolename="role5"/>
<user username="peter" password="peter" roles="role5"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="admin" password="admin" roles="admin"/>
</tomcat-users>
Then I put following in my web.xml(in my application)
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Then I add files (login.jsp and error.jsp) to my project from
~\apache-tomcat-6.0.14\webapps\examples\jsp\security\protected
and finally add following agai nto the web.xml
<security-role>
<role-name>role5</role-name>
</security-role>
<security-role>
<role-name>tomcat</role-name>
</security-role>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>role5</role-name>
<role-name>tomcat</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
and that's it.
Then I have tried run my app, login page displays, but every username and password is returning following:
Invalid username and/or password, please try again.
Do you have idea where is the problem?
Thanks a lot