security constraint.

in my web.xml i have something like:

<security-constraint>

<display-name>Example Security Constraint</display-name>

<web-resource-collection>

<web-resource-name>Protected Area</web-resource-name>

<url-pattern>/*</url-pattern>

I am using FORM based authentication with j_security_check, it works fine however i have index.jsp which loads fine but when i reference an image file i.e. <img src="something.jpg"> in the index.jsp it won't load because i have to login FIRST. is there anyway to filter a directory so that you don't need to login before accessing it?

Message was edited by:

spear_arrow

[747 byte] By [spear_arrowa] at [2007-11-27 8:17:07]

«« zfs filesystem screwed up?
»» Sound is played several times, but suddenly stop playing.

# 1

You have mapped the security constraint to any url. Wjhen the browser loads an image it makes a request to the image url which you have mapped to the constraint.

You'll have to be more specific in the url-pattern. One possibility is to map your servlets to urls that have an identifying pattern like /servlet/ or .do. Then you can do something like

<security-constraint>

<display-name>Example Security Constraint</display-name>

<web-resource-collection>

<web-resource-name>Protected Area</web-resource-name>

<url-pattern>/*.jsp</url-pattern>

<url-pattern>/*.do</url-pattern>

tolmanka at 2007-7-12 20:02:14 >

top of Java-index,Enterprise & Remote Computing,Web Tier APIs...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

security constraint.

Enterprise & Remote Computing Hot Topic

Enterprise & Remote Computing

All Classified