Web application security not working - Websphere

This is a discussion on Web application security not working - Websphere ; Hi: I have defined the following security constraint in my web.xml. Code: Communication Support Group MyRole SecureMails SecureMails /Corrupted/*.faces GET POST Communication MyRole NONE BASIC In Websphere 6.1 admin console, I have turned on the Admin and Application security. The ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Web application security not working

  1. Web application security not working

    Hi:

    I have defined the following security constraint in my web.xml.
    Code:
    
    
    Communication Support Group
    MyRole
    
    
    
    SecureMails
    
    SecureMails
    /Corrupted/*.faces
    GET
    POST
    
    
    
    Communication
    MyRole
    
    
    NONE
    
    
    
    BASIC
    
    In Websphere 6.1 admin console, I have turned on the Admin and Application security. The realm is set to Local Operating System. During the installation of my web application I set MyRole to two users using the "User Lookup" button.

    The installation is successful. I restarted the server after install. But I can access all the url, ex. http://localhost:9080/Corrupted/notify.faces etc. I am not an user set up to use the application.

    What am I missing?

    Thank you.

  2. Re: Web application security not working

    Hi,

    You web.xml looks okay, and it sounds like you have the correct security turn on. When you get to the application, does it ask for any type of security? Does the Integrated Console ask for security?

    Thanks, Brian

  3. Re: Web application security not working

    Integrated console prompts me for security. The application does not.

  4. Re: Web application security not working

    Hi, I am posting a simple example of security to the DevWorks form on the IBM DevWorks site. I installed it under WebSphere AS 6.1 and just took the defaults for everything. If your environment is correct, then you should get a form login after the first page. The text is in Italian, as it was originally written for someone in Italy.

    To access the example point your browser to http://:/SecurityTest.

    Brian

+ Reply to Thread