How do you modify the web.xml to lock down the pages from a user role

Similar Messages

• How to avoid inserting CheckSessionFilter in to the web.xml file?

  Mobile Server modifies the web.xml during adding a .war-file to the publication. A new entry- CheckSessionFilter will be inserted inside the web.xml after uploading to the mobile server:
  ****************** inserted part **********************
  <filter>
  <filter-name>CheckSessionFilter</filter-name>
  <filter-class>oracle.lite.web.CheckSessionFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>CheckSessionFilter</filter-name>
  <url-pattern>/*</url-pattern>
  </filter-mapping>
  ****************** inserted part **********************
  Our application has own security-concept and don’t need this additional session checking.
  How can we avoid including of CheckSessionFilter in to our web.xml?

  Don't do "add a war option" Instead, package your application using packaging wizard omitting the filter. Or, you can edit the WEB-INF/web.xml file on the mobile server after you deploy it.
  Make you update the APPLICATIONS table
  UPDATE APPLICATIONS
  SET PUBLISH_TIME = SYSDATE
  WHERE NAME = 'you application';
  You application will be uploaded to:
  STANDALONE
  ORACLE_HOME/mobile_oc4j/j2ee/application/mobileserver/applications/yourapplication/WEB-INF/web.xml
  IAS
  ORACLE_HOME/j2ee/application/mobileserver/applications/yourapplication/WEB-INF/web.xml

• How to config the web.xml file, when I use Richfaces + RI 1.2?

  Hi there:
  I want to use Richfaces + RI 1.2 to build a project. I don`t know how to config the web.xml file.
  By the way, my web server is Tomcat 6.0, my JDK's version is 6u6. I don`t want to use the facelets.
  thanks.
  lxm

  just add this before *</web-app>*
  <context-param>
         <param-name>org.richfaces.SKIN</param-name>
         <param-value>blueSky</param-value>
    </context-param>
    <filter>
         <display-name>RichFaces Filter</display-name>
         <filter-name>richfaces</filter-name>
         <filter-class>org.ajax4jsf.Filter</filter-class>
    </filter>
    <filter-mapping>
         <filter-name>richfaces</filter-name>
         <servlet-name>Faces Servlet</servlet-name>
         <dispatcher>REQUEST</dispatcher>
         <dispatcher>FORWARD</dispatcher>
         <dispatcher>INCLUDE</dispatcher>
    </filter-mapping>

• Do we need to put the following code in the web-xml for the project to run

  Hi^^^,
  actually I have created a project in Eclipse WTP and I am running it from remote server. Its giving me 404 error when I tried to run it.
  I know 404 error is generally due to some error in deployment descriptor.
  I am going through this tutorial for creating project in eclipse WTP
  this says that I need to include the following code in web-xml. Please look at the quotes below
  "Web modules in J2EE has a deployment descriptor where you configure the web application and its components. This deployment descriptors is called the web.xml. According to the J2EE specification, it must be located in the WEB-INF folder. web.xml must have definitions for the Servlet and the Servlet URI mapping. Enter the following lines into web.xml:"
  "Listing 2. Deployment Descriptor web.xml"
  <servlet>
  <servlet-name>Snoop Servlet</servlet-name>
  <servlet-class>org.eclipse.wtp.tutorial.SnoopServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>Snoop Servlet</servlet-name>
  <url-pattern>/snoop/*</url-pattern>
  </servlet-mapping>
  My question is, it is necessary to include the above lines between <servlet> and </servlet-mapping> in web-xml
  thanks and regards,
  Prashant

  pksingh79 wrote:
  actually I have created a project in Eclipse WTP and I am running it from remote server. Its giving me 404 error when I tried to run it.
  I know 404 error is generally due to some error in deployment descriptor. what's the url you've put.
  <servlet>
  <servlet-name>Snoop Servlet</servlet-name>
  <servlet-class>org.eclipse.wtp.tutorial.SnoopServlet</servlet-class>
  </servlet> Every Servlet has to have a <servlet></Servlet> tag in the web.xml
  the <servlet-name>is for the naming the servlet and the <servlet-calss>is for class file of the servlet in your case the .class file is to be in the package of tutorial,if it's not then how the container will no where the calss file is
  <servlet-mapping>
  <servlet-name>Snoop Servlet</servlet-name>
  <url-pattern>/snoop/*</url-pattern>
  </servlet-mapping>You type something in your url likk http://localhost:8080/webappname (Tomcat server),so for url mapping instead of typing the entire class file name ,you just enough have to type what you've put in the <url-mapping> tag and it has to be inside of <servlet-mapping>
  I think the problem is in <url-pattern> change it like /snoop<url-pattern>
  My question is, it is necessary to include the above lines between <servlet> and ></servlet->mapping> in web.xmlSo now you think whether you need something inside <servlet>and </servlet-mapping>

• Is it possible to lock down the _vti_bin and _layouts pages with a wildcard option.

  Hi all,
  A client of mine is running an internet facing sharepoint site. I have managed to lock down the _vti_bin and _layouts pages users for anonymous by using the following entries in my main web.config file:
  <location path="_layouts">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  and
  <location path="_vti_bin">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  But this is only ok for the root site collection. Is there a way to lock down all site collections, including sub sites with a type of wildcard entry?
  Due to the nature of the clients business, they will be creating many site collections and subsites. I am trying to find a scalable way to manage this. To add an entry for every new site collection or subsite that gets created on the fly does not seem like
  the most manageable solution.
  Any suggestions would be appreciated.
  Regards
  Mirco

  Hi Sachin,
  Thank You very much for the feedback. The info to secure system pages from authenticated FBA users is very helpful and I will definitely  implement it.  With reference to your second post. This is actually the information I used to lock down my
  sites from anonymous users. Applying this method I noticed that you needed to put an entry for every single site collection and sub site collection, e.g. if I ONLY had a site collection at
  https://me.myserver.com then the following entries in the web.config would secure the _vti_bin and _layouts folder from anonymous users:
  <location path="_layouts">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  and
  <location path="_vti_bin">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  But lets say I added another site collection at
  https://me.myserver.com/sites/mysitecollection I would have to add the following entries to the web.config file to secure it from anonymous users:
  <location path="sites/mysitecollection/_layouts">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  and
  <location path="sites/mysitecollection/_vti_bin">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
      </location>
  Now this method might be manageable if you are only gonna have 5 or 10 site or subsite collections. My client will have 30, 40, 50, who knows how many. This is why I am trying to find a more manageable way of locking these sites down.
  You can imagine what my web.config will look like eventually and the admin involved in continuously adding these entries to the web.config file to keep it safe from anonymous users.
  Regards
  Mirco

• How do you modify the default Execute thread count in Weblogic Server 9.2?

  How do you modify the default Execute thread count in Weblogic Server 9.2?
  How can you tune the starting number of weblogic.ExecuteThread on server startup and/or set minimum number?
  Is there an option from the console?
  Please let me know.
  Thanks

  Self tuning will automatically manage the threads but however you can still control the min and max by adding the min and max values for each instance either directly adding in config.xml or through JVM settings
  1) Modifying the config.xml
  Just add the following line(s) to each server definition :
  <server>
  <name>AdminServer</name>
  <self-tuning-thread-pool-size-min>100</self-tuning-thread-pool-size-min>
  <self-tuning-thread-pool-size-max>200</self-tuning-thread-pool-size-max>
  </server>
  2) Adding some JVM parameters
  It's safer the following way :
  add the following option in your command line : -Dweblogic.threadpool.MinPoolSize=100
  Regards
  RR

• How to deploy the web.xml file when trying to use the JSP SDK from SAP?

  I want to use the adduser.jsp which downloaded form SAP SDK samples to add user in BO, but I cannot run it sucessfully. I believe it's caused the web.xml file was not deployed appropriately.
  could you please teach how to deploy the web.xml file for the JSP samples ?
  Could you show me some sample of web.xml for the SDK jsp files? Thank you very much!

  Ensure that you have followed below directory structure while deploying your web application.
     web_application_name
        WEB-INF
           lib
           classes
  web.xml must be placed in WEB-INF. Ensure that you have included all the jar files and other necessary files in your application.
  For more information refer to the below link:
  http://devlibrary.businessobjects.com/BusinessObjectsXIR2SP2/en/devsuite.htm
  Regards,
  Anuj

• How do you put safari web pages into icloud with the safari iCloud button?

  how do you put safari web pages into icloud with the safari iCloud button?

  What that button does is sync your tabs between your devices. So if you have multiple macs with Mountain Lion and/or devices with iOS 6 (once it comes out this fall) you can pick up where you left off. For example, let's say I have apple.com, nytimes.com, and facebook.com open on my mac, but I need to run. Later, if I need to use another computer in my household, I can just restore the tabs that I was using before on this other mac.

• How do you save a web PDF to the iPad2?

  How do you save a web PDF to the iPad2? I want to have a camera manual on my iPad.

  In Safari, click on the PDF link and from the context menu choose Open in New Tab. Then click on the tab: The PDF opens in Safari. At the upper right click on Open In, and from the menu choose Adobe Reader.

• In iMovie, how do you modify the duration of all the clips at once?

  In iMovie, using Mavericks O/S, how do you modify the duration of all the clips at once?

  To set the duration of any clips to be added in the future select the project then "Settings" above the viewer.    Adjust the slider to the right of "Clips" to the desired duration.
  To change clips already in the timeline, select all of the ones you want to change (so they have a yellow border), click on "Adjust" then click the info button (i in a circle).  You will see "Duration:"  Set the time in seconds and press return.
  Geoff.

• How to edit the web.xml file

  hi friends,
  i have been working with netbeans for webapplications so far therefore its not ever been requerd to edit the web.xml file that automatically done by IDE itself.
  now, i am just trying to deploy the servlet and jsp's externally without using any tool and i found a requrement to map the servlet and jsp in web.xml file. when i try to edit inside this file it seems noneditable, nothing gonna change. i have an alternate to do this is firstly copy the content of this file into txt file and after making the requred changes overwrite this file in .xml formate to orignal web.xml file.
  am i going in right way?? please help me
  regards
  san

  open it in a text editor and modify it.
  %

• How can you modify the displayed columns on a Related Information List?

  How can you modify the displayed columns on a Related Information List? For example, how could you add the "Type" column to the List of columns displayed for Service Requests when you are viewing the Contacts Detail page?
  Thanks

  I'd have to say I think this is one of the biggest flaws in the OnDemand system currently. The solution I have come up with is to create reports and put them in webapplets showing the data I want to show. I have then removed the standard Related Info List Objects and added weblinks to create new records as the button on the List object is also gone.
  Keep in mind that doing this does slow things down a little, so it may not work if you have a big user base.
  RWB.

• How to configure a JNDI ressource in the web.xml file

  Hi,
  does someone know if there is a way to configure a JNDI ressource with its parameters only in the web.xml file ?
  In my case, the JNDI ressouce is an oracle database an its conenction paramters: driverClassName, username, password, etc...
  Actually, I put everything in the configuration file of Tomcat but I would like my war file to be 100% independent of the application server.
  Thanks in advance.
  Fred.

  I wrestled with this for a long time. I may have done something wrong, but to get my mySQL JDNI reference to work, I had to add it to the server.xml file. You can try with web.xml, but I eventually just got frustrated and put it in server.xml.
  The following is between two <context> tags:
  <Resource name="jdbc/instance_name_goes_here"
                 auth="Container"
                 type="javax.sql.DataSource"/>
            <ResourceParams name="jdbc/same_instance_name_here">
                 <parameter>
                      <name>username</name>
                      <value>user_name_goes_here</value>
                 </parameter>
                 <parameter>
                      <name>password</name>
                      <value>password_goes_here</value>
                 </parameter>
                 <parameter>
                      <name>driverClassName</name>
                      <value>jdbc_fully_qualified_class_name</value>
                 </parameter>
                 <parameter>
                      <name>factory</name>
                      <value>org.apache.commons.dbcp.BasicDataSourceFactory</value>
                 </parameter>
                 <parameter>
                      <name>url</name>
                      <value>jdbc_connect_url_database_vendor_specific</value>
                 </parameter>
                 <parameter>
                      <name>maxActive</name>
                      <value>8</value>
                 </parameter>
                 <parameter>
                      <name>maxIdle</name>
                      <value>8</value>
                 </parameter>
            </ResourceParams>
  - Saish
  "My karma ran over your dogma." - Anon

• JSP compiler reading the web.xml file?

  Hi,
            I am trying to use the weblogic JSP compiler (weblogic.jspc) to
            pre-compile some JSP that use custom tags. Does the compiler
            read the web.xml file if there is one? In particular the taglib
            elements in that file so that the compiler understands the
            <%@ taglib ... %> directive.
            In the JSP I try to compile I use this statement to declare a taglib:
            <%@ taglib uri="xyz/xyz-taglib" prefix="xyz" %>
            and in my web.xml I have:
            <taglib>
            <taglib-uri>xyz/xyz-taglib</taglib-uri>
            <taglib-location>/WEB-INF/tlds/xyz.tld</taglib-location>
            </taglib>
            When I try to compile the JSP I get the following error:
            Could not parse embedded JSP code: weblogic.utils.ParsingException: nested
            IOException: java.io.IOException: cannot resolve 'xyz/xyz-taglib' into a
            valid tag library.
            Any ideas how I can resolve this?
            In advance thank you for any help.
            Florian
            

  open it in a text editor and modify it.
  %

• How do you return to web page after executing servlet?

  When I submit some values to my servlet from a page, using a from, how do I get back into the web page directory? When you call the servlet, the url turns to "./servlet", and if I click on submit again, it tries to find "./servlet/servlet" so obviously it kicks up an error.
  Basically I want the servlet to accept answers in a form, rebuild that form using the answers submitted, and go back to that rebuild. Hopefully, the user shouldn't notice anything changing, which is the idea, excepth his/her answers have been stored by the servlet.
  ANY help would be much appreciated.
  Thanks,
  Miles

  Could you briefly explain how this works joshman. Are you saying use send.redirect or something else I have not found? if so, could you elborate a bit (some method names would be usefull too). I have no idea about headers, which probably doesn't help.
  The problem is I either have to out.println the modified html (with the answers in the values in the input tags), which means I must get the web server to look in the directory where the original page came from, otherwise pictures and other stuff dont show. Then just outputting the html would be as if the original html file was given with inserted values.
  OR
  I have to save modified html files in the same directory under different names, give these to the client and delete them after a while to save spacew. I'd rather not have to do this as it complicates stuff.
  Cheers again.