Using SSL with an application deployed on IBM-WASCE

Question

I have an application which uses JSPs and Servlets and deployed on IBM-WASCE 2.1. I want the application to use SSL for login purposes. Based upon the documentation, I added the following lines to web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">

        <!-- Usual servlet mapping code -->

  <security-constraint>
        <web-resource-collection>
            <web-resource-name>Login</web-resource-name>
            <url-pattern>/login.jsp</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

However I get an error which states,

web.xml for web app default/foo/1.0/car includes security elements but Geronimo deployment plan is not provided or does not contain element necessary to configure security accordingly.

How to proceed from here? What elements to add to the file geronimo-web.xml?

Answer 1

[Solved]

The following modifications had to be done in the file geronimo-web.xml.

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.1" xmlns:nam="http://geronimo.apache.org/xml/ns/naming-1.1" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1" xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.1"&gt;
  <sys:environment>
    <sys:moduleId>
      ...
           <!-- Basic stuff -->
      ...
    </sys:moduleId>


  </sys:environment>
  <context-root>/foo</context-root>

  <security-realm-name>geronimo-admin</security-realm-name>
    <security>
        <default-principal>
            <principal name="anonymous" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
            />
        </default-principal>
        <role-mappings>
            <role role-name="admin">
                <principal name="administrators" designated-run-as="true" 
                class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"         
                />
                <principal name="root"
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                />
            </role>
        </role-mappings>
    </security>
</web-app>