Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Using override-web.xml

Jetty 8.1.14

Here's the as-is web.xml. Note that it's using variable substitution from maven properties for <transport-guarantee> and <form-login-page>, which is one reason I want to override it; I'm trying to launch  the app in Jetty before/without the maven properties substitution.

    <security-constraint>
        <display-name>xxxxx</display-name>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <!-- Define the context-relative URL(s) to be protected -->
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>manager</role-name>
            <role-name>newprospect</role-name>
            <role-name>customer</role-name>
            <role-name>cadmin</role-name>
        </auth-constraint>

        <user-data-constraint>
            <transport-guarantee>${web.security.constraint}</transport-guarantee>
        </user-data-constraint>

    </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>Health E Systems</realm-name>
        <form-login-config>
            <form-login-page>/${login.form.page}</form-login-page>
            <form-error-page>/login/login_error.html</form-error-page>
        </form-login-config>
    </login-config>


I don't know if this info makes any difference but I'm using the Eclipse Jetty Launcher Plugin (http://eclipse-jetty.sourceforge.net/) to launch (since there doesn't appear to be a Jetty connector for WTP). I've modified that plugin to include <overrideDescriptor> in the app context configuration.

 Eric


> -----Original Message-----
> From: jetty-users-bounces@xxxxxxxxxxx [mailto:jetty-users-
> bounces@xxxxxxxxxxx] On Behalf Of Jan Bartel
> Sent: Wednesday, June 25, 2014 4:16 AM
> To: JETTY user mailing list
> Subject: Re: [jetty-users] Using override-web.xml
>
> Eric,
>
> Can you post which version of jetty you are using, and also the relevant
> sections from your web.xml.
>
> Jan
>
> On 24 June 2014 22:29, Eric Rizzo <erizzo@xxxxxxxxxxxxxxxxxx> wrote:
> > I’m trying to use the override-web.xml feature
> > (https://www.eclipse.org/jetty/documentation/current/override-web-
> xml.
> > html) to override some of the web.xml configuration in an app. There
> > are two parts of web.xml that I need to override,
> > the<transport-guarantee> and <form-login-page> . So my WebAppContext
> > configuration includes this:
> >
> >
> >
> > <Set name="overrideDescriptor">override-web.xml</Set>
> >
> >
> >
> > And my override-web.xml look like this:
> >
> >
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> >
> > <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> > xmlns="http://java.sun.com/xml/ns/javaee";
> > xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
> > xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> > http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"; id="WebApp_ID"
> > version="2.5">
> >
> >
> >
> >        <security-constraint>
> >
> >               <web-resource-collection>
> >
> >                      <web-resource-name>Protected
> > Area</web-resource-name>
> >
> >                      <!-- Define the context-relative URL(s) to be
> > protected
> > -->
> >
> >                      <url-pattern>/*</url-pattern>
> >
> >                      <http-method>GET</http-method>
> >
> >                      <http-method>POST</http-method>
> >
> >               </web-resource-collection>
> >
> >
> >
> >               <user-data-constraint>
> >
> >                      <transport-guarantee>NONE</transport-guarantee>
> >
> >               </user-data-constraint>
> >
> >        </security-constraint>
> >
> >
> >
> >        <login-config>
> >
> >               <auth-method>FORM</auth-method>
> >
> >               <realm-name>Health E Systems</realm-name>
> >
> >               <form-login-config>
> >
> >
> > <form-login-page>/login/login.html</form-login-page>
> >
> >
> > <form-error-page>/login/login_error.html</form-error-page>
> >
> >               </form-login-config>
> >
> >        </login-config>
> >
> > </web-app>
> >
> >
> >
> >
> >
> > It seems that the <transport-guarantee> is working (when I run I am
> > not required to use https), but the login page doesn’t seem to be
> > working. I am not automatically redirected to that page as expected
> > (it does work as intended if I simply change the<form-login-page>
> > value directly in the app’s web.xml).
> >
> > Am I doing something wrong? Is there a limit as to what can be
> > overridden with this capability?
> >
> >
> >
> > Thanks,
> >
> > Eric
> >
> >
> >
> >
> > _______________________________________________
> > jetty-users mailing list
> > jetty-users@xxxxxxxxxxx
> > https://dev.eclipse.org/mailman/listinfo/jetty-users
> >
>
>
>
> --
> Jan Bartel <janb@xxxxxxxxxxx>
> www.webtide.com
> 'Expert Jetty/CometD developer,production,operations advice'
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/jetty-users

Back to the top