on 09-01-2015 10:14 AM
Hello everybody,
I'm trying to secure the default root web application for Netweaver Java AS 7.31, so I try to edit the web.xml and web-j2ee-engine.xml files which are located here: j2ee/cluster/apps/sap.com/com.sap.engine.docs.examples/servlet_jsp/_default/root/WEB-INF
Anyway after editing the files in text editor and restarting the "com.sap.engine.docs.examples" application via NWA, nothing happens. Is there something wrong with the code? Why there is no security form when I try to open the application in browser?
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee">
<display-name>Default</display-name>
<!-- ============================================================== -->
<!-- SAPUI5 resource servlet used to handle application resources -->
<!-- ============================================================== -->
<servlet>
<servlet-name>startPage</servlet-name>
<jsp-file>/startPage.jsp</jsp-file>
</servlet>
<!-- ============================================================== -->
<!-- Welcome file list -->
<!-- ============================================================== -->
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!-- ============================================================== -->
<!-- Security settings -->
<!-- ============================================================== -->
<security-constraint>
<display-name>Authentication of Users</display-name>
<web-resource-collection>
<web-resource-name>Default</web-resource-name>
<url-pattern>*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SAPUI5</role-name>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
</login-config>
<security-role>
<role-name>SAPUI5</role-name>
<role-name>Admin</role-name>
</security-role>
</web-app>
web-j2ee-engine.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-j2ee-engine xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="web-j2ee-engine.xsd">
<spec-version>2.4</spec-version>
<security-role-map>
<role-name>SAPUI5</role-name>
<role-name>Admin</role-name>
</security-role-map>
<login-module-configuration>
<login-module-stack>
<login-module>
<login-module-name>EvaluateTicketLoginModule</login-module-name>
<flag>SUFFICIENT</flag>
</login-module>
<login-module>
<login-module-name>BasicPasswordLoginModule</login-module-name>
<flag>REQUISITE</flag>
</login-module>
<login-module>
<login-module-name>CreateTicketLoginModule</login-module-name>
<flag>OPTIONAL</flag>
</login-module>
</login-module-stack>
</login-module-configuration>
</web-j2ee-engine>
Solved by redeploying the whole application. Is there a way to force SAP to refresh the application files without redeploying the whole application?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.