I also have another question kind of related. Is there a way to have different layouts (portlets in a page) for different users?
For your first question, edit the web.xml in jboss-portal.sar/portal-server.war/WEB-INF. Change the first security constraint from
I tried to do that but the following error message comes up from tomcat:
type Status report message /j_security_check description The requested resource (/j_security_check) is not available.
If you type the URL as http://localhost:8080/portal/ (note the slash on the end, it will work). You can also modify the login form (jboss-portal.sar/portal-server.war/login.jsp) to submit the login form to "/portal/j_security_check". This is not ideal as it is not correct according to the Servlet Spec and you would have to update it if you change the portal context ... but it will get you closer to what you want.
I think the problem is a Tomcat issue, but not positive.
I haven't been able to correctly resolve this yet, but the work around works.
Thanks a lot for the help. It worked just fine the way you described it.
Now I have a different problem. In case the login fails the portal redirects you to the main page and not to an error page. I would like to have an error page (like the login screen) that gets displayed in case of a login failure. I create the missing html page that is referenced from the login form but it is not called and displayed. Any ideas on what is wrong?
try to add an explicit mapping in the web.xml that points to the error JSP (like there is a mapping defining an explicit mapping for the login JSP)
When it works could you be kind enough create a page in the wiki telling how to proceed ?
Thanks for the suggestion. It all worked in the end.
I will create a page in wiki that details what needs to be done.
I am using jboss portal 2.6.1
I followed the instruction mentioned below to force a login page but some thing doesn't quite work well.
By default JBoss Portal will display whatever welcome page is configured even if a user is not logged in. This page details what needs to be done in order to force the display of the login page if a user is not logged in if this behavior is desired. These instructions refer to JBoss Portal 2.0.
The steps are the following:
* Edit web.xml in jboss-portal.sar/portal-server.war/WEB-INF
o Change the first security constraint from <url-pattern>/auth/*</url-pattern> to <url-pattern>/*</url-pattern>. This will force the display of the login page mentioned in the <login-config> section of the web.xml (FORM authentication is assumed).
o Change the <form-error-page> in the <login-config> section of web.xml to point to an error page that is going to be displayed when authentication fails. Let's say that page is called badlogin.jsp. You would have then <form-error-page>/badlogin.jsp</form-error-page>.
o Add a new servlet mapping to web.xml. This should look like:
* Edit jboss-portal.sar/portal-server.war/login.jsp and submit the login form to /portal/j_security_check instead of j_security_check. This is not compliant with the servlet specification but it works. You would also have to change this if the root context of the portal is changed (replace portal in the string above with whatever root context you are running your portal under).
I created few pages and followed the steps mentioned above. When I log in, I can see all of the pages that I created with the default page as the active page in that portal. When I click on the next page, the portal does not display the content of that page. Instead, it displayed the content of the default page, even though I can see the url is pointing to the page that I just clicked on in the url location of IE 6
Do I miss something here or do I need to modify something else in that web.xml?