Tomcat 4.1 container authentication on jsp:forward

Discussion in 'Java' started by Pavel, Aug 12, 2004.

  1. Pavel

    Pavel Guest

    Greetings to all -

    I've got a problem with Tomcat 4.1.30 container authentication. I'm
    using BASIC authentication and overall it works fine. But I've noticed
    that I can access a protected resource via jsp:forward.

    Here is my security-constraint:

    So /index.jsp is not there but all it does is a forward to the
    protected resource: <jsp:forward page="/"/>

    I know weblogic takes care of it via
    in weblogic.xml.

    Is there a similar solution to this in Tomcat 1.4 besides adding
    <url-pattern>/index.jsp</url-pattern> to

    I do not want to add <url-pattern>*.jsp</url-pattern> since I'd like
    to have some JSPs to be unprotected - /error.jsp is one example.

    Any suggestions are appreciated.
    Thank you.
    Pavel, Aug 12, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.