-
1. Re: Http status error 404: you requested resources are not a
You should not access the login page directly but try accessing any web resource. The container internally will redirect to the login page and after authentication/authorization, will get u the resource u sought.
-
2. Re: Http status error 404: you requested resources are not a
Thanks for your reply,
Can you tell me how I can have the container invoke the customized login module? you can see all my config files in the previous thread.
Does the container invoke a hidden servlet to handle the j_security_check action from the form?
where i should place the customized login module? under \jboss_home\server\default\deploy?
how many places need to be configured? jboss-web.xml, web.xml,login-config.xml, anywhere else?
<?xml version="1.0"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
Security constraint for resources in the secure directory
<url-pattern>/secure/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
only let the system user login
<role-name>admin</role-name>
</auth-constraint>
<user-data-constraint>
SSL not required
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/LoginError.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
The Secure ROLE
<role-name>admin</role-name>
</security-role>
</web-app>