URL Pattern problem

Hi
I deployed an ear which has a web module with contextroot '/test'. It has a jsp whose url-pattern is mapped to /testjsp. From a html form i'm calling this jsp and the action attribute is /test/testjsp. But the error is resource not found /test/servlet/<servlet-name>.
1)Where is this /servlet coming from?
And the same webapp seems to work fine in tomcat.
2)How does the Netweaver server behave with context root and URL mappings?
3)Is there any configuration change to be done?
Any help is greatly appreciated.
Thanks,
Rajit

Did you try using render tags?
          Here is a link. <u>http://e-docs.bea.com/workshop/docs81/doc/en/portal/taglib/navSkeletonRendering.html
          </u>
          Seenu.

Similar Messages

JSF url-pattern *.jsf problem

Hi all,
I am working in a project to add the jsf page in the existing jsp application. It uses Apache Tomcat 6.0.18 as the server and eclipse for coding.
I created a jsf page named index.jsp and I added the code in web.xml as follows
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
</servlet-mapping>
and when I use the url
http:localhost:8080/myproject/index.jsf
Page did not open in the browser and browser reports page not found.
If I change url-pattern to
<url-pattern>/faces/* </url-pattern>
and
when I use the url
http:localhost:8080/myproject/faces/index.jsp
It works.
What should I want to do to make
http:localhost:8080/myproject/index.jsf to render in the browser?
Edited by: mvg90 on Jul 24, 2009 4:22 AM

BalusC wrote:
I have no idea. Reinstalling the stuff is definately cumbersome. This is likely just a matter of configuration and/or the way of usage. Hard to say based on the as far given little information (read this how to ask questions the smart way and read this how to provide good code examples representing your actual problem).
If you want you can of course redo the setup of the environment and the code based on some reliable tutorial / book.I am sorry if my information is not sufficient. What information can I give to solve the problem?

Problems With url-pattern in a filter-mapping

Hi!
I need to make a filter when the clients call a jsf pages in /pages in my web application, but when i make the filter-mapping like this:
     <filter-mapping>
          <filter-name>sessionFilter</filter-name>
          <url-pattern>/pages/*.jsf</url-pattern>
     </filter-mapping>An exception appears:
SEVERE: Parse error in application web.xml
java.lang.IllegalArgumentException: Invalid <url-pattern> /pages/*.jsf in filter mapping
     at org.apache.commons.digester.Digester.createSAXException(Digester.java:2540)
     at org.apache.commons.digester.Digester.createSAXException(Digester.java:2566)
     at org.apache.commons.digester.Digester.endElement(Digester.java:1061)
     at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
     at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source)
     at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
     at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
     at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
     at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
     at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
     at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
     at org.apache.commons.digester.Digester.parse(Digester.java:1548)
     at org.apache.catalina.startup.ContextConfig.applicationConfig(ContextConfig.java:263)
     at org.apache.catalina.startup.ContextConfig.start(ContextConfig.java:624)
     at org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:216)
     at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
     at org.apache.catalina.core.StandardContext.start(StandardContext.java:4290)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
     at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
     at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
     at org.apache.catalina.core.StandardService.start(StandardService.java:480)
     at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
     at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)the <url-pattern>/pages/*</url-pattern> not work to me because process all pages, I nedd only *.jsf
Please Help me whit this.

"the <url-pattern>/pages/*</url-pattern> not work to me because process all pages, I nedd only *.jsf"
Yes but in the filter you can get the url from the request.getUrl() and then only process requests that contain .jsf. Simply just pass all other requests along.
Some information on url pattern matching:
http://edocs.bea.com/wls/docs61/webapp/components.html#113049

Filter does not work with *.jsp URL pattern???

Hi All,
I am, by no means, very good at JSF or Java. I have looked at various forum posts on here for ways to implement a security filter to intercept requests to pages that first require one to be logged in, and if not, redirect them to the login page. Yes, I know a lot of you have heard this many times before, and I'm sorry to bring it up again.
BUT, from the guidance of other posts, I have got a filter that works fine when the url pattern is set to "/faces/*" or "/<anything>/*", however it won't work for "*.jsp" or "*.<anything>"
My filter is as follows:
package test.security;
import javax.faces.context.FacesContext;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpSession;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class SecurityFilter implements Filter{
    /** Creates a new instance of SecurityFilter */
    private final static String FILTER_APPLIED = "_security_filter_applied";
    public SecurityFilter() {
    public void init(FilterConfig filterConfig) {
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException{
        HttpServletRequest req = (HttpServletRequest)request;
        HttpServletResponse res = (HttpServletResponse)response;
        HttpSession session = req.getSession();
        String requestedPage = req.getPathTranslated();
        String user=null;
        if(request.getAttribute(FILTER_APPLIED) == null) {
            //check if the page requested is the login page or register page
            if((!requestedPage.endsWith("Page1.jsp")) /* This is the login page */
                //set the FILTER_APPLIED attribute to true
                request.setAttribute(FILTER_APPLIED, Boolean.TRUE);
                //Check that the session bean is not null and get the session bean property username.
                if(((test.SessionBean1)session.getAttribute("SessionBean1"))!=null) {
                    user = ((test.SessionBean1)session.getAttribute("SessionBean1")).getUsername();
                if((user==null)||(user.equals(""))) {
                   // try {
                 //       FacesContext.getCurrentInstance().getExternalContext().redirect("Page1.jsp");
                  // } catch (ServletException ex) {
                  //      log("Error Description", ex);
                    res.sendRedirect("../Page1.jsp");
                    return;
        //deliver request to next filter
        chain.doFilter(request, response);
    public void destroy(){
}My web.xml declaration for the filter is:
<filter>
<description>Filter to check whether user is logged in.</description>
<filter-name>SecurityFilter</filter-name>
<filter-class>test.security</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
Note: I have also tried this with <url-pattern>*.jsp</url-pattern> for the filter mapping in place of the Faces Servlet
My web.xml declaration for the url pattern is:
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsp</url-pattern>
</servlet-mapping>Which JSC/NetbeansVWP automatically creates a "JSCreator_index.jsp" which has:
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="1.2" xmlns:jsp="http://java.sun.com/JSP/Page">
<jsp:forward page="Page1.jsp"/>
</jsp:root>When run, this causes an Error 500 in the browser and a NullPointerException in SecurityFilter.java on the line:
if((!requestedPage.endsWith("Page1.jsp")) /* This is the login page */I think I'm missing something that would be obvious to anyone who knows better than me. Any ideas?

Dear Ginger and Boris,
thanks for the information - the problem seems to ocur in EP7 as well, Boris told me it is fixed in SP15. We are on SP14 now, so there is hope !
actually the information in the oss note stated above is also true, as we have an Oracle DB. On a similar demo system (only difference is SQL DB) the hyphen search works !
best regards, thank you !
Johannes

url-pattern for extension mapping in security-constraint not working

I'm trying to use extension mapping in a <security-constraint> configuration,
According to:
http://download.oracle.com/otn-pub/jcp/servlet-3_1-fr-eval-spec/servlet-3_1-final.pdf?AuthParam=1429824454_de04222eab1b8…
Section 12.2:
A string beginning with a ‘*.’ prefix is used as an extension mapping.
But WebLogic does not take in consideration my configuration. If I use path mapping exact mapping it work.
My configuration is:
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Unsecured</web-resource-name>
        <url-pattern>*.wsdl</url-pattern>
        <url-pattern>*.xsd</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>HttpAuth</web-resource-name>
        <url-pattern>/ws/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ws-user</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>INTEGRAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Test1</realm-name>
</login-config>
<security-role>
    <role-name>ws-user</role-name>
</security-role>
WebLogic Server 12c (12.1.3)
Has anybody used extension mapping with security-constraint? Is that a WebLogic issue?

Hi nikita,
I have delt with the same problem before. As you say, most JSF actions all get posted back to the original page, and the faces servlet internally redirects according to the navigation rules and actions. This can mean the URL seen by the browser does not always correspond to the actual JSP (wrapped by JSF) that produced the content.
Generally adding the "<redirect/>" tag to all your navigation rules (in faces-config.xml) remedies this, so the actions are still posted back to the original page, but then the JSF servlet sends an http-redirect to the browser before invoking the new page. This way, the URL is always in sync, and the security constraints defined in your web descriptor always get invoked properly.
regards,
tony

Invalid URL Pattern exception when deploying ear file

Hi,
I encountered some problem during deploying an ear file into SJSAS PE. This ear file has successfully been deployed into WebLogic Server and works fine.
The error message is as follows:
Deploying application in domain failed; Error loading deployment descriptors for module [wsgServerRel1_0] -- Invalid URL Pattern: [pfk/PfkMainServlet] Error loading deployment descriptors for module [wsgServerRel1_0] -- Invalid URL Pattern: [pfk/PfkMainServlet] The following is the relevant part regarding URL pattern:
     <servlet>
          <servlet-name>PfkMainServlet</servlet-name>
          <servlet-class>com.sns.pfk.servlet.PfkMainServlet</servlet-class>
          <load-on-startup>0</load-on-startup>
     </servlet>
     <servlet-mapping>
          <servlet-name>PfkMainServlet</servlet-name>
          <url-pattern>pfk/PfkMainServlet</url-pattern>
     </servlet-mapping>What else I need to do to make it work?
Regards,
Xinjun

You have an error in your url-pattern. A url-pattern must either begin with a slash ("/") for the exact match or directory match or it could begin an asteric("*") for the extension match(refer to the servlet spec).
In your case it should be something like:
<servlet-mapping>
          <servlet-name>PfkMainServlet</servlet-name>
          <url-pattern>/pfk/PfkMainServlet</url-pattern>
</servlet-mapping>
or
<servlet-mapping>
          <servlet-name>PfkMainServlet</servlet-name>
          <url-pattern>/pfk/*</url-pattern>
</servlet-mapping>

System-wide Transparent Proxy With URL Patterns

Internet censorship -where I live- has almost turned web unusable so I decided to setup a transparent proxy using Tor for my home network.
Since Tor is so slow -here- proxying all traffic through Tor would slow my connection to a crawl. Therefore I need a mechanism to selectively proxy the traffic.
I know a bit of 'iptables' and it looks to me like the solution to my problem. However there's a trick. As most of the websites I need to access through Tor (like Google+, Facebook and such) use several IP addresses for their entry points, it's almost impossible for me to add 'iptables' rules for all of those IP addresses. I need a mechanism to proxy the traffic based on URL patterns. For example I need to be able to proxy access to '*.facebook.com' through Tor.
So the question boils down to: how can I setup a system-wide transparent proxy using URL patterns?
Any idea/hint is much appreciated. TIA,
Bahman
Last edited by bahman (2012-01-04 07:48:44)

Use privoxy with socks5 forwarding:
http://www.privoxy.org/user-manual/config.html#SOCKS
http://www.privoxy.org/user-manual/acti … F-PATTERNS

Url-pattern

Hi,
below is the code for filter url mapping.
"<url-pattern>/gbsUploadSummary.jsp</url-pattern>" .I have a problem with this line...its nt executing....can i know the mistake...
<filter>
<filter-name>DumpFilter</filter-name> <filter-class>com.pwc.webectm.util.DumpFilter</filter-class>
<init-param>
<param-name>dumpRequest</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>dumpResponse</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>DumpFilter</filter-name>
<url-pattern>/gbsUploadSummary.jsp</url-pattern>
</filter-mapping>

What exact URL do you supply? (You can omit the host for privacy if you like, but you have likely already supplied it in your original post). I am confused about what you are asking. Are you saying that you can see the output of your JSP but not any code in your filter? My guess is the dump filter is relatively trivial (e.g., outputing the request and response received). Can you post the code? Is there a possibility you are not reading your init params correctly?
It is one of the following:
1. The filter mapping in web.xml does not match that which you are sending in your request in the browser address bar (most likely, but hard to tell)
2. You are not reading your init params correctly so that 'true' is not being evaluated and you are in essense skipping over your own code blocks (hard to tell without the filter code itself, but you could easily verify by putting a logging statement in the first line of doFilter()).
3. You have an error in your code that is causing the filter not to initialize (there should be an exception in the logs in this case)
4. Related to #2, there is a simple coding error in the filter itself preventing you from seeing output
- Saish

JDev 10g - Security - web.xml - URL pattern matching

Hello,
I use JDeveloper 10.1.3.4. It's 4 hours I try to figure out what is going on:
I set security constraint in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>books</web-resource-name>
<url-pattern>faces/app/books/*</url-pattern>
<url-pattern>faces/*/app/books/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>books</role-name>
</auth-constraint>
</security-constraint>
User is logged in with role "books" for sure.
http://192.168.0.109:8988/lib/faces/app/books/page.jspx can be seen
but dialogs can't be seen, url is : http://192.168.0.109:8988/lib/faces/__ADFv__?_afPfm=1.5&_t=fred&_vir=/app/books/Search.jspx&loc=en&_rtrnId=2it redirects to login page.
Another thing, when I set only one url pattern : faces/app/books/*.jspx
I can't even see faces/app/books/page.jspx page!
It's very curious, have to be something else somewhere to set, because in SRDemo app this 2 cases don't cause problems.
Bart
snowface.net - snowboard equipement reviews

Hi,
dialogs are not opened by a GET request, which is what container managed authorization looks at. It basically bypasses this kind of security, which means that developers should check manually on teh command component that launches teh dialog if the authenticated user is allowed to do this. Also note that the default JSfnavigation is by postback which means you have to set all navigation to use the redirect flag to make it work with container managed security
Frank

Servlet Filters/url patterns with WLS 8

Hello,
I am trying to use filters to do some pre processing before my web service
is invoked. It seems the doFilter() method does not seem to be getting invoked.
The init() method is getting invoked as I see print statements in the log file.
I am not sure if the url-pattern is correct and I am enclosing the web.xml file
here along with relevant lines from web-services.xml and application.xml.In access.log
I do see HTTP calls to the web service.
Any help would be appreciated.
<web-app>
<filter>
<filter-name>l10nWebServiceFilter</filter-name>
<filter-class>com.globalsight.dotNet.L10nWebServiceFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>l10nWebServiceFilter</filter-name>
<url-pattern>/l10nWebService/*</url-pattern>
</filter-mapping>
</web-app>
From web-services.xml -
web-service useSOAP12="false" targetNamespace="http://localhost:7001/L10nWebServiceEJB"
name="L10nWebServiceEJB" style="rpc" uri="/L10nWebServiceEJB">
and from application.xml -
<application>
<display-name></display-name>
<module>
<web>
<web-uri>l10nWebService.war</web-uri>
<context-root>l10nWebService</context-root>
</web>
</module>
<module>
<ejb>cap_ssb.jar</ejb>
</module>
</application>

Hi Aswin,
I think the problem may be in your Servlet Filter code :-)
The last line in your doFilter() method should be:
filterChain.doFilter(servletRequest, servletResponse);
I have attached a small zip that uses a ServletFilter to get around situations,
where the WLS web services stack/tools has problems dynamically generating the
WSDL I want to present to the "outside world". It (the zip) contains a web.xml
that illustrates how to set the <url-pattern>. This web.xml goes with the web-services.xml
in the web services' .war, but the ServletFilter is "generic" :-)
HTH,
Mike Wooten
"Aswin Dinakar" <[email protected]> wrote:
>
Changing the url-pattern to /* solved the problem and the doFilter()
method is
being called. However the webservice is not being invoked now. Is there
any changes
to web-services.xml that I need to make that after the doFilter() code
is invoked
the webservice methods would be invoked ?
Thanks,
Aswin.
"Aswin Dinakar" <[email protected]> wrote:
Hello,
I am trying to use filters to do some pre processing beforemy
web service
is invoked. It seems the doFilter() method does not seem to be getting
invoked.
The init() method is getting invoked as I see print statements in the
log file.
I am not sure if the url-pattern is correct and I am enclosing the web.xml
file
here along with relevant lines from web-services.xml and application.xml.In
access.log
I do see HTTP calls to the web service.
Any help would be appreciated.
<web-app>
<filter>
<filter-name>l10nWebServiceFilter</filter-name>
<filter-class>com.globalsight.dotNet.L10nWebServiceFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>l10nWebServiceFilter</filter-name>
<url-pattern>/l10nWebService/*</url-pattern>
</filter-mapping>
</web-app>
From web-services.xml -
web-service useSOAP12="false" targetNamespace="http://localhost:7001/L10nWebServiceEJB"
name="L10nWebServiceEJB" style="rpc" uri="/L10nWebServiceEJB">
and from application.xml -
<application>
<display-name></display-name>
<module>
<web>
<web-uri>l10nWebService.war</web-uri>
<context-root>l10nWebService</context-root>
</web>
</module>
<module>
<ejb>cap_ssb.jar</ejb>
</module>
</application>
[webservice_servlet_filter.zip]

Invalid content was found starting with element 'url-pattern'

Hi,it looks there is something wrong with my web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>TestAA</display-name>
<welcome-file-list>
<welcome-file>index.jsf</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<security-constraint>
     <web-resource-collection>
          <url-pattern>/secure/*</url-pattern> ...................................................................error here
</web-resource-collection>
     <auth-constraint>
          <role-name>retuser</role-name>
     </auth-constraint>
     </security-constraint>
<login-config>
     <auth-method>FROM</auth-method>
     <form-login-config>
          <form-login-page>/login.xhtml</form-login-page>
          <form-error-page>/loginError.xhtml</form-error-page>
     </form-login-config>
</login-config>
</web-app>
error message:
cvc-complex-type.2.4.a: Invalid content was found starting with element 'url-pattern'. One of '{"http://java.sun.com/xml/ns/javaee":web-resource-name}' is expected.

Hi Linyin,
Please refer to: http://middlewaremagic.com/weblogic/?p=2034
The Problem is missing element *<web-resource-name>* in your *"web.xml"* file..... which must be a Unique name of your Resource set which u want to make secure.....
Example:
<security-constraint>
<web-resource-collection>
*<web-resource-name>MySecureResource</web-resource-name>* <----------This line should come Just above <url-pattern>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>retuser</role-name>
</auth-constraint>
</security-constraint>
Thanks
Jay SenSharma
http://middlewaremagic.com/weblogic (Middleware Magic Is Here)

How do I pass the part of the url that matched url-pattern to JSP?

Hello,
I have a web app called ptest.war deployed in JBoss. In my web.xml I have:
<servlet-mapping>
<servlet-name>GetImage</servlet-name>
<url-pattern>/images/*</url-pattern>
</servlet-mapping>
and:
<servlet>
<servlet-name>GetImage</servlet-name>
<jsp-file>DoImageRequest.jsp</jsp-file>
<load-on-startup>1</load-on-startup>
</servlet>
In DoImageRequest.jsp, I want to know what was requested by the user (so I can set some response headers and then re-direct to the image they requested), so if I go to:
http://localhost/ptest/images/i1.jpg
I want to have "/images/i1.jpg" available to me in the JSP, so that I can do a jsp:forward to the requested image, but none of the getters on the request object give me that string.
request.getServletPath() returns "/images" and request.getPathInfo() returns "/i5.jpg".
So do I need to construct what the user asked for by concatenating these two values?
The reason I was testing this was because I wanted to set no-cache in the response to the request for the image. Is there an easier way of doing that without having to direct the request to a jsp so that the jsp can set the response headers, which seems a little long-winded to me?
Many Thanks,
Paul Smith

I want to have "/images/i1.jpg" available to me in the JSP, so that I can do a jsp:forward to the requested image, but none of the getters on the request >object give me that string.Even if you manage to construct that, such a request path would be intercepted by your jsp because it maps to /images/*.
You would end up with infinite recursion.
To circumvent that, you can change the folder that stores the image - call it something like img and then you just need append the request.getPathInfo().
getServletContext.getRequestDispatcher("/img"+req.getPathInfo()).forward(req,res);
The reason I was testing this was because I wanted to set no-cache in the response to the request for the image. Is there an easier way of doing that >without having to direct the request to a jsp so that the jsp can set the response headers, which seems a little long-winded to me?You could have a filter intercept all requests for *.img, add the response headers and pass the request along to the actual resource. That would be easier and more intuitive. If your web app has a good fronting like an apache web server, I think you can cache your images on the web server and set a property that would instruct the web server to set a no-cache header in response when it serves the image.
ram.
Edited by: Madathil_Prasad on Mar 26, 2010 7:20 PM

Policy agent protected URL auth problem

Hi all,
Anyone knows why the policy agent failed to identify a user with valid cert and ldap pwd and thus allow the user to goto the protected URL resources? (IIS with policy agent 2.0 for W2K)
The IDS server instance was created with security on and "Client Auth" also on. All the accesses worked OK while the "client auth" in not ON. In fact, the user could goto the user profile page with the cert or the LDAP pwd, OAC were all set to enable cert and LDAP=SUCIFICENT even with "client auth" is on, just could not get to the URL it protected. (IDS is running on a Soalris box, V6.0 mtr from the download center)
The policy agent logs shown that the IDS authentication service failure with code 3.
Any hints on that?

When a user clicks the logout button in your Portal application that link needs to send the user to the /amserver/UI/Logout page to terminate the session. You can specify the goto parameter in the link so the user does not see the logout page. You can also specify a particular logout URL pattern in the AMAgent.properties file that when the agent sees a request for that URL it will terminate the session on the AM server and clear out it's cache.

Using security-constraint in web.xml; not recognizing url-pattern tag

I am creating a very simple jsp application within JDeveloper 10.1.3.1. I have 2 jsp files...a readData.jsp and a maintainData.jsp. I would like to deploy this application to Oracle Application Server 10.1.2.2. I would like to use Oracle Internet Directory with Single Sign on enabled. The deployment to OAS works fine. For the security, I would like an administrator user to get to both pages...and a user to only be able to see the readData.jsp. I used the security constraints on the properties of the web.xml file within JDeveloper. Here is my web.xml file:
<?xml version = '1.0' encoding = 'windows-1252'?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<description>Empty web.xml file for Web Application</description>
<session-config>
<session-timeout>35</session-timeout>
</session-config>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>adm_full_access</web-resource-name>
<url-pattern>*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>adm_all</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>usr_access</web-resource-name>
<url-pattern>readData.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>usr_all</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>usr_all</role-name>
</security-role>
<security-role>
<role-name>adm_all</role-name>
</security-role>
</web-app>
When I deploy to OAS I added an OID account to the adm_all role...this works fine I can log on as that user and get to both jsps. But, when I add my user to the usr_all role within OAS I try to log on to the app...I then enter my SSO username and password and I get Access Denied errors from my browser when trying to access either page. I am confused about the <url-pattern> tag...is that relative to a directory within my deployment? Most of the examples I have seen use servlets...so I was wondering if I can even use the <url-pattern> tag to restrict/allow access to individual jsps? If someone could point me to some documentation on this set-up I would appreciate it!
Thank you.

I was able to get this to work. By doing the following:
<security-constraint>
<web-resource-collection>
<web-resource-name>adm_full_access</web-resource-name>
<url-pattern>*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>adm_all</role-name>
</auth-constraint>
</security-constraint>
I was restricting access to all other groups by uisng <url-pattern>*</url-pattern>. Any other security-constraints set-up after that will not work. So saying * requires usr_all will restrict ALL webpages to ONLY adm_all, regardless of what future constraints say. So, my first security-constraints lists all directories or pages that every user can access. My next security-constraint then list resources that only my admins (adm_all) can acess. Any other security constraints then are set-up for each user role that I have...if adm_all should have access to these then the <role-name>adm_all</role-name> is added to each security constraint.

How to specify a servlet mapping as the url pattern with in the security constraints

Hi ,
Weblogic 6.0 documentation says the following:-
Define which resources in the Web Application the security constraint applies to using the <url-pattern> element that is nested inside the <web-resource-collection> element. The <url-pattern> can refer to either a directory, filename or a <servlet-mapping>.
To apply the security constraint to the entire Web Application, use the following <url-pattern>:
<url-pattern>/*</url-pattern>
Could any one let me know how to specify servlet mapping as the url pattern.
I tried various combination and it doesn't seem to work and any help in this regard will be greatly appreciated.
Thanks
kannan

The answer is posted here:
Unapproved User Flag in UME

URL Pattern problem

Similar Messages

Maybe you are looking for