web.xml

1. <?xml version="1.0" encoding="UTF-8"?>
2. <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
3.   <display-name>webdesktop</display-name>
4.   <welcome-file-list>
5.     <welcome-file>desktop.html</welcome-file>
6.   </welcome-file-list>
7.   <servlet>
8.     <description></description>
9.     <display-name>LoginServlet</display-name>
10.     <servlet-name>LoginServlet</servlet-name>
11.     <servlet-class>com.auth.LoginServlet</servlet-class>
12.   </servlet>
13.   <servlet-mapping>
14.     <servlet-name>LoginServlet</servlet-name>
15.     <url-pattern>/login/</url-pattern>
16.   </servlet-mapping>
17.   <servlet>
18.     <description></description>
19.     <display-name>LogoutServlet</display-name>
20.     <servlet-name>LogoutServlet</servlet-name>
21.     <servlet-class>com.auth.LogoutServlet</servlet-class>
22.   </servlet>
23.   <servlet-mapping>
24.     <servlet-name>LogoutServlet</servlet-name>
25.     <url-pattern>/logout/</url-pattern>
26.   </servlet-mapping>
27.  
28.   <login-config>
29.     <auth-method>FORM</auth-method>
30.     <form-login-config>
31.       <form-login-page>/login.html</form-login-page>
32.       <form-error-page>/login-failed.html</form-error-page>
33.     </form-login-config>
34.   </login-config>
35.  
36.   <security-constraint>
37.     <web-resource-collection>
38.       <web-resource-name>Wildcard means whole app requires authentication</web-resource-name>
39.       <url-pattern>/*</url-pattern>
40.       <http-method>GET</http-method>
41.       <http-method>POST</http-method>
42.     </web-resource-collection>
43.     <auth-constraint>
44.       <role-name>site-users</role-name>
45.     </auth-constraint>
46.     <user-data-constraint>
47.       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
48.     </user-data-constraint>
49.   </security-constraint>
50.  
51.    <security-role>
52.       <description>This logical role includes all authenticated users</description>
53.       <role-name>site-users</role-name>
54.    </security-role>
55.  
56. </web-app>