Login for Web-Application
fermat42 Aug 13, 2007 8:58 AMHi,
I want to build a web-application using JBoss. The Application should only be usable for authorized users. So I have build a protected Webside called protected/test.jsp. Then I used the following web.xml:
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>VDrive Protected</display-name>
<web-resource-collection>
<web-resource-name>VDrive</web-resource-name>
VDrive Configuration Pages
<url-pattern>/vdrive/test.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
</web-app>
In the directory server/default/conf I put the following users.properties:
fermat=test
and roles.properties:
fermat=administrator
This is based on http://www.techienuggets.com/Detail?tx=2, but I used basic authentication instead of form. But anyway (if using Form or Basic) I am asked for a login and password and after entering I get an empty page and the following exception:
14:41:39,763 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
java.lang.ClassCastException: org.jnp.interfaces.NamingContext cannot be cast to org.jboss.security.SubjectSecurityManager
at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:488)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Can anyone tell me what is going wrong? Is there a usable tutorial for this?