oops the html made my msg screwed up!
actually i started thinking that too. but I tried that and it didn't work. i changed it to use a form now. basically what is happening now is i open up the page. it goes to the form, i type in the correct user/pass and it says access denied and doesn't let me back into the login page. here is what i have
**************** web.xml *********************
<security-constraint>
<display-name>admin</display-name>
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<description/>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>adminPriv</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>file</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/logonError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>adminPriv</role-name>
</security-role>
</web-app>
*************** sun-web.xml **************************
<security-role-mapping>
<role-name>adminPriv</role-name>
<group-name>secureadmin</group-name>
</security-role-mapping>
************** login ****************
>form action="j_security_check" method=post>
<input type="text" name="j_username" size="25">
<input type="password" size="15" name="j_password">
<input type="submit" value="Submit">
<input type="reset" value="Reset">
>/form>
*********** error ********************
[url var="url" value="/index.jsp"/]
Invalid user name or password.
Please enter a user name or password that is authorized to access this
application. For this application, this means a user that has been created in the
[code]file[/code] realm and has been assigned to the [em]group[/em] of
[code]user[/code]. Click here to a href="${url}">Try Again
[Message sent by forum member 'icemandrew' (icemandrew)]
http://forums.java.net/jive/thread.jspa?messageID=280097