MG>start contents of web.xml
<security-constraint>
<display-name>Restrict access to admin pages</display-name>
<web-resource-collection>
<web-resource-name>Administration</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>
With no roles defined, no access granted
</description>
</auth-constraint>
</security-constraint>
MG>end contents of web.xml
This is to protect resources under /admin
But in my test domain running on Solaris, the server didn't treat the
/admin/admin.jsp as the protected resource and instead of directing to
the login page, admin.jsp got displayed without authentication. This
seem to be a problem on Glassfish build: (build b08-p03) and works as
expected on build b05-p01.
Any pointer on what could be going on here?
Thanks,
Pavneet
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
For additional commands, e-mail: users-help_at_glassfish.dev.java.net
_________________________________________________________________
Windows Live™: Life without walls.
http://windowslive.com/explore?ocid=TXT_TAGLM_WL_allup_1a_explore_032009