i have problem with authentication when using a welcome-file
this is my web.xml
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>all</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>everyone</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name/>
</login-config>
<security-role>
<role-name>everyone</role-name>
</security-role>
in my war file i have
index.jsp
test2.jsp
I want have a security constraint only for index.jsp, test2.jsp it's free for all
When from browser i call "http:\\127.0.0.1:8080\mywebapp"
the welcome file is retrieved and used, but no authentication is required (WRONG)
if i use "http:\\127.0.0.1:8080\mywebapp\index.jsp" authentication is required (OK)
if i set too in web.xml:
<url-pattern>/</url-pattern>
all pages required authentication (test2.jsp too)
Any idea?
thank you
Roberto