- This topic has 4 replies, 2 voices, and was last updated 18 years, 10 months ago by
.
-
Posts
-
The WEB.XML comments suggest:
<!-- To set up security settings for your web app, create a file named web-security.xml, put it in your project's mergedir. Organize web-security.xml following this DTD slice: <!ELEMENT security-constraint (display-name?, web-resource-collection+, auth-constraint?, user-data-constraint?)> <!ELEMENT web-resource-collection (web-resource-name, description?, url-pattern*, http-method*)> <!ELEMENT web-resource-name (#PCDATA)> <!ELEMENT url-pattern (#PCDATA)> <!ELEMENT http-method (#PCDATA)> <!ELEMENT user-data-constraint (description?, transport-guarantee)> <!ELEMENT transport-guarantee (#PCDATA)> <!ELEMENT login-config (auth-method?, realm-name?, form-login-config?)> <!ELEMENT auth-method (#PCDATA)> <!ELEMENT realm-name (#PCDATA)> <!ELEMENT form-login-config (form-login-page, form-error-page)> <!ELEMENT form-login-page (#PCDATA)> <!ELEMENT form-error-page (#PCDATA)> -->OK… so I created a file named web-security.xml, turned on the xdoclet ‘MERGE’ function, created and named the merge dir, and included the following into web-security.xml in that folder:
<security-constraint> <display-name>JCM Login</display-name> <web-resource-collection> <web-resource-name>JCMlogin WebResource</web-resource-name> <description>JCM Login Constraint</description> <url-pattern>/*</url-pattern> <http-method>FORM</http-method> </web-resource-collection> <auth-constraint> <role-name>jcmUser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>User Login Realm</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginerror.jsp</form-error-page> </form-login-config> </login-config>The ‘PROBLEMS’ tab now complains (twice):
The markup in the document following the root element must be well-formed.Here’s the clip of said elements from the WEB.XML file:
<security-constraint> <display-name>JCM Login</display-name> <web-resource-collection> <web-resource-name>JCMlogin WebResource</web-resource-name> <description>JCM Login Constraint</description> <url-pattern>/*</url-pattern> <http-method>FORM</http-method> </web-resource-collection> <auth-constraint> <role-name>jcmUser</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>User Login Realm</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginerror.jsp</form-error-page> </form-login-config> </login-config>The point is, the syntax suggested and the implementation of same show that there is no root-level definition to enclose the two elements. If one is created and used, the ERROR situation is eliminated but the two elements are out of the scope in which they are expected to be discovered.
QUESTION: Where/What would be modified to make this ERROR condition go away? The elements DO appear, as intended, in the WEB.XML file.
Thank you!
BTW – The JSF Login Demo is not much help in this case – and also does not work when deployed in JBoss versus Tomcat.
Lance,
Where are you getting this notification for the web-security file? MyEclipse doesn’t generate any tips like this when creating a web project. Also, if the problem is that the fragments are you using to generate the final web.xml file are marked as incomplete, you can right click on them and set them as “Derived” under properties, then clean your project. The XML validator should skip over them then.YEAA! Checking the derived setting in the file-properties did the trick! THANK YOU for that tip.
My experience has been that MyEclipse support is comprised of incredibly savvy and helpful people.
My ‘Pro Subscription’ has more than paid for itself in time saved and understanding of how better to use this really capable development environment.
