Eclipse, WTP, Servlets and Web.xml

Similar Messages

• How to set two different welcome-file to different servlets in web.xml

  Hi friends,
  Can some one help with web.xml file
  I have to different servlets in applications.
  I want to set two different welcome files for my two different
  servlets in web.xml
  Please, can some one give me sample code to achieve this.
  Here web.xml code:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app PUBLIC
  "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">
  <web-app>     
       <servlet>
            <servlet-name>reports</servlet-name>
            <servlet-class>com.caremark.ivr.servlet.IvrReportsServlet</servlet-class>
       </servlet>
       <servlet-mapping>
            <servlet-name>reports</servlet-name>
            <url-pattern>/reports</url-pattern>
       </servlet-mapping>
       <session-config>
            <session-timeout>30</session-timeout>
       </session-config>
       <welcome-file-list>
            <welcome-file>reportsindex.jsp</welcome-file>
       </welcome-file-list>
       <servlet>
            <servlet-name>calldetails</servlet-name>
            <servlet-class>com.caremark.ivr.servlet.IvrCallDetailsServlet</servlet-class>
       </servlet>
       <servlet-mapping>
            <servlet-name>calldetails</servlet-name>
            <url-pattern>/calldetails</url-pattern>
       </servlet-mapping>
  <welcome-file-list>
            <welcome-file>calldetailsindex.jsp</welcome-file>
       </welcome-file-list>
  </web-app>
  I need this fix immediately. Your help will be really appreciated. Thanks in advance.

  First of all, my understanding is that you need to have a Servlet 2.4 complaint server to do this...Given that, you're supposed to be able to simply specify the Name of the servlet as the welcome-file to get it to work. For example:
  Your servlet section:
  <servlet>
    <servlet-name>Controller</servlet-name>
    <servlet-class>com.company.ControllerServlet</servlet-class>
  </servlet>Now you would add the following to your welcome file list:
  <welcome-file-list>
    <welcome-file>Controller</welcome-file>
  </welcome-file-list>Note that you use the servlet-name value from the servlet definition, NOT the url-mapping from the servlet-mapping section.
  Please note that I cannot verify this as I am running a 2.3 server at home. When I get to work Friday I can test on a 2.4 machine. However this shouldn't take you more than a minute to test.
  Note that I did try this on the 2.3 compliant server and it did NOT work (as I expected)...
  HTH.

• Weblogic 10 jaas and login.jsp and web.xml/weblogic.xml security constaints

  Hello,
  I struggled through and got the examples.security.jaas.SampleCallbackHandler.java and examples.common.utils.ExampleUtils.java/ExampleConstants.java into eclipse where they compile. A bean I made can call SambleCallbackHandler like such:
  mybean.logmein(username,password,url). I can then do a mybean.getStatus() or even a mybean.returnCode(). It does seem to correctly identlify that it is authenticating me (I see in stdout logs that it shows success or failures. The problem I have is I do not know how to apply this weblogic and web.xml/weblogic.xml so that if authentication works it redirects me to the page requiring the authentication. In web.xml I have the following set up:
  <security-role>
       <role-name>Admins</role-name>
  </security-role>
  <login-config>
       <auth-method>FORM</auth-method>
       <realm-name>default</realm-name>
       <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/badlogin.html</form-error-page>
       </form-login-config>
  </login-config>
  <security-constraint>
       <web-resource-collection>
            <web-resource-name>empower</web-resource-name>
            <description>These pages are only accessible by authorized users.</description>
            <url-pattern>/admin/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
       </web-resource-collection>
  <auth-constraint>
  <description>These are the roles who have access</description>
  <role-name>Administrators</role-name>
  </auth-constraint>
       <user-data-constraint>
       <description>This is how the user data must be transmitted</description>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
  </security-constraint>
  My weblogic.xml has:
  <?xml version="1.0" encoding="UTF-8"?>
  <wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
  <wls:security-role-assignment>
  <wls:role-name>Admins</wls:role-name>
  <wls:principal-name>Administrators</wls:principal-name>
  <wls:principal-name>dashap</wls:principal-name>
  </wls:security-role-assignment>
  </wls:weblogic-web-app>
  With this set up, if I try to go to a page in /admin folder in my application, it correctly pops up the login page. The jaas in the bean is doing a loginContext.login(), which I thought does authentication too, but it never goes back to the /admin page I was going to that needed the authentication. With jaas, can I not use the web.xml FORM security option? Do I Need to use j_security in the login.jsp's form's action= option and j_username and j_password for the input type names? How do I use j_username/j_password things if I am using jaas? I could just ignore using the web.xml security stuff and put something in the pages that need authentication, but it would be easier if I could use jaas with the security featurs without doing all that. Note that my code above is using a realm called default just because that was what was in the example I got from the web. Does that need to be something else?

  Hi John,
  I would like magic of course. However, in this case I want something special: my authentication provider uses special means and contents of headers, cookies and service from external identity management systems to determine the user's identity.
  I do not want the application to present the login dialog! I want to derive the identity and the fact that the user is logged in from whatever the authentication provider returns in terms of Subject.
  Ideally, the flow is something like:
  - user accesses an unprotected resource - resource is shown, no interaction with authentication provider
  - user presses a link or button that takes him/her to a protected resource
  - the authentication provider is contacted to work with the identity asserter to establish the identity of the current user and create a subject object for this user
  - the application can access the subject and principals
  - ADF Security recognizes the identity and the roles (based on the principals) and coordinates access based on this.
  the authentication method is client certificate. presumably this prompts WebLogic/OPS to use an identity asserter to work with custom headers and cookies ("... when you configure a web application to use CLIENT-CERT authentication. In this case, WebLogic can perform identity assertion based on values from request headers and cookies. If the header name or cookie name matches the active token type for the provider, the value is passed to the provider."). No login form should be presented to the user, as all information required to perform the authentication is already available.
  I am trying to understand what I must do to have the ADF application adopt the subject set by the authentication provider - if anything?!
  If you more ideas to share - I would love to hear them.
  best regards,
  Lucas

• MUST I include every servlet in web.xml??

  I am learning servlet and trying to write some codes by myself.
  When I want to invoke servlet by form, tomcat always shows that the requested resource is not available.
  I've tried some different paths for the value of ACTION, but none of them work.
  Hence, I'm wondering whether I can invoke a servlet in form without explicitly write it in web.xml??
  Could anyone generously give me an answer?

  It may be possible to configure your web server so it executes servlets with URLs like http://the.ser.ver/servlet/com.yourcompany.yourpackage.TheServlet. URLs like that are ugly and can lead to security problems so I definitely recommend against them.
  You could write a front controller servlet. Then you'll need to configure the servlets in YourFrontControllerServletConfig.xml instead of web.xml so I'm not sure if that buys you much.
  I'd just configure servlets in web.xml. That's what it is there for.
  When you write a servlet you gather requirement specs for your servlet, do architecture and technical design, graphic layout design, servlet programming, back end code programming, unit testing, jar deployment, system (& performance, security, usability, etc) testing. After all that, the task of copy&pasting ten lines in web.xml shouldn't be a terribly large task. Unless you have lost nine of your fingers in a horrible chain saw accident or something.
  (Apologies to anyone out there who has lost nine of his fingers in a terrible chain saw accident.)

• How to Modify Server.xml and web.xml inTomcat

  Hii
  i am very new to tomcat..and using servlets..so plx tell me hw i can modify the server.xml and web.xml....
  if my installables are in c:\program files\apache group\tomcat4.1
  ok...i have my servlets file in c:\program files\apache group\tomcat4.1\webapps\ap1\WEB-INF\classes..so plz advice me on modifying the server.xml and web.xml....also tell me how and what we do in mapping
  Plz tell me soon...
  thanking u in advance.
  rahul
  Take care.:)

  for web.xml you need something like this, i took this from the web.xml under the examples directory in tomcat:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app
  PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">
  <web-app>
  <servlet>
  <servlet-name>
  servletToJsp
  </servlet-name>
  <servlet-class>
  servletToJsp
  </servlet-class>
  </servlet>
  <servlet>
  <servlet-name>
  CompressionFilterTestServlet
  </servlet-name>
  <servlet-class>
  compressionFilters.CompressionFilterTestServlet
  </servlet-class>
  </servlet>
  </web-app>
  basically you need to map the servlet with a class, for servlet-name call it whatever you like, you'll be using this name in the url to access you servlet, for the class give it the name of the class, java complied class, that's it.
  server.xml is used to configure tomcat.

• Changing the directory Structure of Jsp and web.xml files

  Hi,
  I am using the JDeveloper 11g preview. Can any one tell me how to change the Jsp and web.xml files ( not in WEB-INF directory of the application) to another directory.
  Thanks in Advance
  Gopal

  Hi Frank,
  Is it possible for me to change the folder structure which JDeveloper is providing for web project?
  By default JDeveloper is giving the following folder structure.
  In the project's root folder there is a public_html and src folder along with .jpr file.
  In public_html folder thre is an WEB-INF folder and a jsp file
  In WEB-INF folder there is an classes folder along with web.xml file.
  I need to have the following folder structure :
  The WEB-INF folder should be in root folder of project not in public_html folder
  src folder must be in WEB-INF folder.
  Thanks in Advance
  Anil Golla

• Unable To lookup .... weblogic.jobscheduler  and  web-xml resource ref

  Unable To lookup .... weblogic.jobscheduler and web-xml resource ref for timer manager
  JNDI NameNotFound Exception ....
  Do, i need to configure something get that working.
  Didn't find any thing on documentation or hosted examples.

  The default timermanager can be refered to as follows:
  <resource-ref>
      <res-ref-name>tm/default</res-ref-name>
      <res-type>commonj.timers.TimerManager</res-type>
      <res-auth>Container</res-auth>
      <res-sharing-scope>Shareable</res-sharing-scope>
  </resource-ref>http://middlewaremagic.com/weblogic/?p=5569

• Need server.xml and web.xml for connection pooling

  hi guys,
  I am having lots of problem implementing the Connection Pool. I want to use the Tomcat's Connection pool classes and not my connection pool.
  I have gone through lots of problem trying to configure it.
  I got the range of errors. Has someone worked on this. Does it work with Tomcat 4.1 and Oracle 8i. Can anyone provide any links or previous posts to help me out.
  If someone can paste their working server.xml and web.xml then that would be really grt.
  Any kind of help would be really helpful.
  Amit

  Tomcat does not have a connection pooling mechanism. I've used Apache Commons DBCP with Tomcat although with PostgreSQL. It works great.
  Nothing in my web.xml gets modified. Only server.xml needs to be updated for DBCP. The Tomcat JNDI Datasource documentation is very good and should get you through.

• Web application and web.xml

  i have a web application consisting of 1 servlet and 5 jsps.
  the start point would be index.jsp
  i use firmwide login page. after login, i want the browser to display index.jsp page.
  In web.xml, i have defined -
  <welcome-file-list>          <welcome-file>/jsp/index.jsp</welcome-file>     </welcome-file-list>       <servlet>        <servlet-name>UtilitiesServlet</servlet-name>        <servlet-class>com.gs.fw.sox404.utilities.UtilitiesServlet</servlet-class>             <init-param>             <param-name>util-log4j-init-file</param-name>             <param-value>/WEB-INF/classes/util_log4j.properties</param-value>          </init-param>        <load-on-startup>1</load-on-startup>    </servlet>     <servlet-mapping>        <servlet-name>UtilitiesServlet</servlet-name>        <url-pattern>/UtilitiesServlet</url-pattern>    </servlet-mapping>if i define it as just index.jsp in the welcome file list, after successful login, it displays the dir structure of the web app.
  if i define it as jsp/index.jsp, then in some of the pages, it tries to find the servlet inside jsp folder.
  What would be the best way to get around this?

  Well, yes, it's not able to find it because you've not understood the mechanism of how it works clearly. You have to put your welcome file under every directory you want it to be used from. Like I said, it's not a path, it's a filename. So if the container sees that your request URL is for a directory, it'll look for the welcome files from the welcome file list, one by one, in the order of declaration. Whichever one it finds first, it'll serve that. If it doesn't find any, then it'll either give a 404 or a directory listing depending on the server and it's settings.
  So your problem is that you've put your index.jsp in your JSP folder but expect it to be served for all URLs. That won't happen, you'll have to put one file named index.jsp into every directory. The reasoning is pretty simple, what if you want different behaviour for each folder?
  This should fix your problem :)
  People on the forum help others voluntarily, it's not their job.
  Help them help you.
  Learn how to ask questions first: http://faq.javaranch.com/java/HowToAskQuestionsOnJavaRanch
  ----------------------------------------------------------------

• Registered servlets in web.xml do not work....WHY????

  Hi i am executing a web application on tomcat 4.1.29 and have the following structure...the jsp pages are executed but when sendinga request to a servlet the servlets are not executed...Can somebody guide me out of this....
  webapps
  {MyApp}->[web-inf][jsp]
  {web-inf}->[classes][lib]
  {classes}->[com][src]
  {src}->[source files]
  when the source files are compiled package structure is followed and the class files are grneated in
  com.MyApp.servlets
  ...etc
  the servlets are registered in the web.xml file as shown below.....few lines of my web.xml file
  <servlet>
  <servlet-name>userServlet</servlet-name>
  <servlet-class>com.MyApp.servlets.UserServlet</servlet-class>
  </servlet>
  even then when accessing a servlet it says the resource not found
  The requested resource (/MyApp/servlet/UserServlet) is not available.
  am i missing something some where...why are the servlets not executed????

      <servlet>
          <servlet-name>UserServlet</servlet-name>
          <servlet-class>com.MyApp.servlets.UserServlet</servlet-class>
          <load-on-startup>2</load-on-startup>
      </servlet>
      <servlet-mapping>
          <servlet-name>UserServlet</servlet-name>
          <url-pattern>/User</url-pattern>
      </servlet-mapping>I'd invoke it with this URL:
  http://localhost:8080/MyApp/UserServlet
  hmm something seems to be wrong here ;-)
  URL should be
  http://localhost:8080/MyApp/User (see <url-pattern>)

• J_security_check and web.xml

  Hi,
  I've set up a web application with form authentication
  Here's part of my web.xml:
  <security-role>
     <description>user</description>
     <role-name>user</role-name>
  </security-role>
    <!-- Login Authentication -->
    <security-constraint>
      <display-name>Secure User Pages</display-name>
      <web-resource-collection>
        <web-resource-name>SecureUserPages</web-resource-name>
        <url-pattern>/jsp/welcome.jsp</url-pattern>
      </web-resource-collection>
      <auth-constraint>
           <description>user</description>
           <role-name>user</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>/jsp/login.jsp</form-login-page>
        <form-error-page>/jsp/loginError.jsp</form-error-page>
      </form-login-config>
    </login-config>When I request welcome.jsp, I'm taken to login.jsp.
  If I enter an incorrect login/password combo, the contents of loginError.jsp show up, but the url says http://hostname:port/appname/jsp/j_security_check
  How can I make it so that the url does not show 'j_security_check', but 'loginError.jsp'?
  Second, if I enter a correct login/password combo, I am not taken to the page I requested - I stay on the login page, but the information in the form fields gets wiped out. According to my logs, it says that I logged in correctly.
  Can someone shed some light on these one or both of these issues?
  Thanks in advance,
  C

  To answer you,
  1. j_security_check servlet forwards the request to loginError.jsp on login failure. Hence you don't see any change in URL at the address bar. Use redirect at your application level to see the change in URL at the address bar.
  If you want to attain some more flexibility at the login level, probably JAAS can help you out.
  2. _"Second, if I enter a correct login/password combo, I am not taken to the page I requested - I stay on the login page, but the information in the form fields gets wiped out. According to my logs, it says that I logged in correctly"_
  If you're really sure about correctness of your log, i think, you have directly invoked login.jsp from your browser and then you must have entered a valid username/password.May be this is the reason you get to see login.jsp again on successful login.
  Solution, would be to directly invoke welcome.jsp from browser.Provide valid username and password and then see whether you really get to see welcome.jsp or not?

• (newbie) Question about replacing .class files and web.xml file

  I'm new to servlets and I have two quick questions...
  Do I absolutely need a web.xml file to define all my servlets, or can I simply place .class files into the WEB-INF directory and expect them to run?
  If my application server (for example Tomcat) is running and I replace a servlet .class file, do I need to restart the server for the new .class file to take effect?
  ...or are both of these questions specific to the application server I'm using?

  Hi,
  From an article I read:
  With Tomcat 3.x, by default servlet container was set up to allow invoking a servet through a common mapping under the /servlet/ directory.
  A servlet could be accessed by simply using an url like this one:
  http://[domain]:[port]/[context]/servlet/[servlet full qualified name].
  The mapping was set inside the web application descriptor (web.xml), located under $TOMCAT_HOME/conf.
  With Tomcat 4.x the Jakarta developers have decided to stop allowing this by default. The <servlet-mapping> tag that sets this mapping up, has been commented inside the default web application descriptor (web.xml), located under $CATALINA_HOME/conf:
  <!-- The mapping for the invoker servlet -->
  <!--
  <servlet-mapping>
  <servlet-name>invoker</servlet-name>
  <url-pattern>/servlet/*</url-pattern>
  </servlet-mapping>
  -->
  A developer can simply map all the servlet inside the web application descriptor of its own web application (that is highly suggested), or simply uncomment that mapping (that is highly discouraged).
  It is important to notice that the /servlet/ isn't part of Servlet 2.3 specifications so there are no guarantee that the container will support that. So, if the developer decides to uncomment that mapping, the application will loose portabiliy.
  And declangallagher, I will use caution in future :-)

• Servlets within web.xml

            I am using WLS 5.1.0 with SP6.
            Previously I was controlling servlet access via an ACL in the weblogic.properties file.
            I have now moved the servlet into the web.xml file and specified
            some security constraints on this servlet. I can access the servlet. However regardless of what type of security I specify I cannot control access of the server by anything other than the guest user. Here is the web.xml file I have been using.
            <servlet>
            <servlet-name>AuthServlet</servlet-name>
            <servlet-class>com.myapp.web.servlet.AuthServlet</servlet-class>
            </servlet>
            <servlet-mapping>
            <servlet-name>AuthServlet</servlet-name>
            <url-pattern>auth</url-pattern>
            </servlet-mapping>
            <security-constraint>
                 <web-resource-collection>
                      <web-resource-name>Test Deployment Descriptor</web-resource-name>
                      <description>Test Deployment Descriptor for test Authentication Servlet.</description>
                      <url-pattern>/cam/auth</url-pattern>
                      <http-method>GET</http-method>          
                      <http-method>POST</http-method>
                 </web-resource-collection>
                 <auth-constraint>
                      <role-name>MarkEngstrom</role-name>
                 </auth-constraint>
                 <user-data-constraint>
                      <transport-guarantee>NONE</transport-guarantee>
                 </user-data-constraint>
            </security-constraint>
            <login-config>
                 <auth-method>FORM</auth-method>
                 <realm-name>default</realm-name>
            <form-login-config>
                      <form-login-page>/form.jsp</form-login-page>
                      <form-error-page>/error.jsp</form-error-page>
                 </form-login-config>
            </login-config>
            Note : the <role-name> is a user I have specified in my weblogic.properties file. I am using the default security realm.
            I don't get any exceptions reported in the log files and I think it must be some configuration I have missed because the security constraints appear to be totally ignored.
            Does anyone have any suggestions ?.
            Thanks,
            Mark Engstrom
            

            hi, I pump to the same problem before.
            I think you url mapping when you define web resource should starts with /, or
            you say url pattern to be *
            Good luck
            "MarkE" <[email protected]> wrote:
            >
            >
            >I am using WLS 5.1.0 with SP6.
            >Previously I was controlling servlet access via an ACL in the weblogic.properties
            >file.
            >
            >I have now moved the servlet into the web.xml file and specified
            >some security constraints on this servlet. I can access the servlet.
            >However regardless of what type of security I specify I cannot control
            >access of the server by anything other than the guest user. Here is
            >the web.xml file I have been using.
            >
            > <servlet>
            > <servlet-name>AuthServlet</servlet-name>
            > <servlet-class>com.myapp.web.servlet.AuthServlet</servlet-class>
            > </servlet>
            >
            > <servlet-mapping>
            > <servlet-name>AuthServlet</servlet-name>
            > <url-pattern>auth</url-pattern>
            > </servlet-mapping>
            >
            > <security-constraint>
            >      <web-resource-collection>
            >          <web-resource-name>Test Deployment Descriptor</web-resource-name>
            >          <description>Test Deployment Descriptor for test Authentication Servlet.</description>
            >          <url-pattern>/cam/auth</url-pattern>
            >          <http-method>GET</http-method>          
            >          <http-method>POST</http-method>
            >     </web-resource-collection>
            >     <auth-constraint>
            >          <role-name>MarkEngstrom</role-name>
            >     </auth-constraint>
            >     <user-data-constraint>
            >          <transport-guarantee>NONE</transport-guarantee>
            >     </user-data-constraint>
            > </security-constraint>
            >
            > <login-config>
            >      <auth-method>FORM</auth-method>
            >     <realm-name>default</realm-name>
            > <form-login-config>
            >           <form-login-page>/form.jsp</form-login-page>
            >           <form-error-page>/error.jsp</form-error-page>
            >      </form-login-config>
            > </login-config>
            >
            >Note : the <role-name> is a user I have specified in my weblogic.properties
            >file. I am using the default security realm.
            >
            >I don't get any exceptions reported in the log files and I think it must
            >be some configuration I have missed because the security constraints
            >appear to be totally ignored.
            >
            >Does anyone have any suggestions ?.
            >
            >Thanks,
            >
            >Mark Engstrom
            >
            

• Servlets and web services

  hi everyone, i'm new to this ... is it possible to instatiate a servlet from a web service? my need is to implement a web service which gives a method that invokes an existing servlet and sends back it's response (which by chance will be a simple serialized xml into a String).
  Thanks in advance ...
  J.

  Hi Jonny,
  You dont really want to instantiate a servlet from your web service, you want to call it (the servlet container is in charge of instantiating servlets, and providing the necessary context for the servlet to run). However calling a servlet isnt much fun as you will need the servlet context, a request dispatcher and a HttpServletResponseWrapper.
  The simplest solution, if you are really just trying to capture some XML output, would be to put the code that generates the XML into a seperate class and call it from both the servlet and your web service.

• Sharing config with Servlet and Web Services

  Hi,
  I am building a Servlet wrapper and a jaxrpc wrapper for my application, so that my client can invoke either servlet or web services to access my application.
  my main application library is at WEB-INF/lib and both the servlet and
  webservices are in WEB-INF/classes.
  I am trying to make them sharing the same configuration file web.xml so that common attributes such as log file location can be read. I know Servlet can read the context and parameters but how to make my web services app to read it, since the web services are not servlet itself but it is invoked by the JAXRPC servlet????
  Thanks

  The early post may answer your question:
  http://forum.java.sun.com/thread.jsp?forum=331&thread=266102