I have a servlet and I want that no one should access the same. How to provide the declarative security for the same. I mean it should promp for login and password while accessing the same servlet/jsp. Do I need to code something in my servlet/jsp file for validation or declaring the security constraint in web.xml file is enough. Moreover tell me where to keep this web.xml file.
My directory structure is as follows:
|-- jsp (this directory has all the jsp)
|--WEB-INF(contains web.xml file and Classes directory )
|-- classes(contains servlets directory)
|-- servlets(all the servlet classes here)
More over do we need user.properties and role.properties file. If so where should I keep those.
At present my web.xml file is as follows:
<?xml version="1.0" encoding="ISO-8859-1"?>
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
Can any one give me the complete xml file considering I have one servlet above.
Context root starts from /client directory.
Hope you got my problem.
Thanks & Regards