I'd like to protect a single .jsp-page from anonymous access. I'm trying to do that the following way:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>
t-webapp</display-name>
<servlet>
<servlet>
<description>
</description>
<display-name>
ZServlet</display-name>
<servlet-name>ZServlet</servlet-name>
<servlet-class>
a.b.c.d.application.t.ZServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ZServlet</servlet-name>
<url-pattern>/ZServlet</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>
TTests</display-name>
<web-resource-collection>
<web-resource-name>TTests</web-resource-name>
<url-pattern>/ttests.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>HEAD</http-method>
<http-method>TRACE</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
<http-method>OPTIONS</http-method>
</web-resource-collection>
<auth-constraint>
<description>
TServletRoles</description>
<role-name>role_admin1</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>
role_admin1</description>
<role-name>role_admin1</role-name>
</security-role>
But whenever I'm accessing ttests.jsp, I'm getting access immediately - without having to fill username/password... what am I missing?
Thanks a lot!
The first step would be to make sure that global security is enabled on your websphere profile with the Enable application security check box checked.
Related
I am stuck with this issue where my context is initialized but not able to send that event to listener instance of class [org.springframework.boot.legacy.context.web.SpringBootContextLoaderListener]
Error from localhost.log of Catalina
org.springframework.context.ApplicationContextException: Failed to load custom context class [classpath:META-INF/spring/mvc-root.xml]; nested exception is java.lang.ClassNotFoundException: classpath:META-INF/spring/mvc-root.xml
at org.springframework.boot.legacy.context.web.SpringBootContextLoaderListener.createSpringApplicationBuilder(SpringBootContextLoaderListener.java:174)
mvc-root.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<context:component-scan base-package="com.bnpparibas.wmi.tat"/>
</beans>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>tatv3</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:META-INF/spring/mvc-root.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.boot.legacy.context.web.SpringBootContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>com.bnpparibas.wmi.tat.config.MyContextListener</listener-class>
</listener>
<servlet>
<servlet-name>appServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
</init-param>
<init-param>
<param-name>contextClass</param-name>
<param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>appServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<session-config>
<session-timeout>5</session-timeout>
</session-config>
</web-app>
Note :: This same configuration was working fine with Spring Boot 1.3 but it is failing after upgrading to Spring Boot 2.7
Any help would be much appreciated!!!
I created a Java Servlet server running on Tomcat 7.0 through eclipse. The Project uses Maven and Spring. The project works perfectly on Linux (Mint) but not on Windows. I am able to get into .jsp pages but not able to access servlets because I get a 404 error(only on Winosws).
So if I look up http://localhost:8080/projectName/index.jsp this will work. But http://localhost:8080/projectName/ServletName I get a 404 error, the servlet is suppose to redirects to a .jsp page.
My web.xml file
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>projectName</display-name>
<context-param>
<param-name>ApplicationContext</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<servlet>
<servlet-name>projectName</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<description>
</description>
<display-name>WebService</display-name>
<servlet-name>WebService</servlet-name>
<servlet-class>com.servlet.WebService</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>projectName</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>WebService</servlet-name>
<url-pattern>/WebService</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
</web-app>
I am trying to add a resource-ref to my web.xml. It looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>de.so.orderalloc.servlet.web</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<display-name>OrderAllocServlet</display-name>
<servlet-name>OrderAllocServlet</servlet-name>
<servlet-class>servlet.OrderAllocServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>OrderAllocServlet</servlet-name>
<url-pattern>/OrderAllocServlet</url-pattern>
</servlet-mapping>
Everything is working as intended. Then I am adding the resource-ref so that it looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>de.so.orderalloc.servlet.web</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<display-name>OrderAllocServlet</display-name>
<servlet-name>OrderAllocServlet</servlet-name>
<servlet-class>servlet.OrderAllocServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>OrderAllocServlet</servlet-name>
<url-pattern>/OrderAllocServlet</url-pattern>
</servlet-mapping>
<resource-ref>
<res-ref-name>jdbc/as400</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
After that if I submit my form I will get this error:
Error 404: com.ibm.ws.webcontainer.servlet.exception.NoTargetForURIException: No target servlet configured for uri: /de.so.orderalloc.servlet.web/OrderAllocServlet
I can't figure out why it breaks when I add the resource-ref. Am I missing something ?
Thanks in advance
It is solved.
The problem was that I didn't add a
<resource-ref name="jdbc/as400" binding-name="jdbc/as400"></resource-ref>
to my ibm-web-bnd-xml.
I'm making a spring project and regist scheduler,
but four processes are executed overlapping.
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="couchLogServer" version="2.5">
<display-name>couchLogServer</display-name>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext_SqlMapClient.xml</param-value>
</context-param>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>
org.springframework.web.filter.CharacterEncodingFilter
</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>couchLogServer</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>couchLogServer</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
server.xml
<Engine defaultHost="localhost" name="Catalina">
<Host appBase="webapps" autoDeploy="false" deployOnStartup="false" name="localhost" unpackWARs="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log." suffix=".txt"/>
<Context docBase="ROOT" path="/couchLogServer" reloadable="true" source="org.eclipse.jst.jee.server:couchLogServer"/></Host>
</Engine>
How can I schedule only one task?
Please help me;
I want only one task scheduler.
Try this link. It has good examples.
In your .xml configuration you can do like this:
<context:component-scan base-package="com.package.location" />
<task:scheduled-tasks scheduler="Scheduler">
<task:scheduled ref="yourBean" method="yourMethod" fixed-delay="5000" />
</task:scheduled-tasks>
<task:scheduler id="myScheduler"/>
This will execute the 'yourMethod' method every 5 seconds. It uses it own thread so no need to worry about the overlapping.'com.package.location' is the package address where your class is located.
I've followed this tutorial http://blog.gamatam.com/2009/11/jdbc-realm-setup-with-glassfish-v3.html
The problem is that I get login dialog again and again like pass is wrong (and never page), but I clearly see values in DB. Pass is MD5 of the word 'admin'.
So how to debug it?
Here are the settings and printscreens: http://codepad.org/jHNRpAta
And here is web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<security-constraint>
<display-name>Constraint1</display-name>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<description/>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>USER</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>security</realm-name>
</login-config>
<security-role>
<description/>
<role-name>USER</role-name>
</security-role>
<security-role>
<description/>
<role-name>ADMIN</role-name>
</security-role>
</web-app>
And here is glassfish-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glassfish-web-app PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 Servlet 3.0//EN" "http://glassfish.org/dtds/glassfish-web-app_3_0-1.dtd">
<glassfish-web-app error-url="">
<security-role-mapping>
<role-name>USER</role-name>
<group-name>USER</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>ADMIN</role-name>
<group-name>ADMIN</group-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</glassfish-web-app>