我正在尝试按照 David Heffelfinger 的书“使用 NetBeans 6 进行 Java EE 5 开发:使用这个流行的 IDE 快速轻松地开发专业的企业 Java EE 5 应用程序”的第 2 章中的描述构建一个安全的 Web 应用程序。在执行最后一步(GlassFish 特定安全配置)时,我尝试运行该程序。我收到以下错误消息:
deploy?DEFAULT=/home/bjorn/NetBeansProjects/securewebapp/build/web&name=securewebapp&contextroot=/securewebapp&force=true failed on GlassFish Server 3+
Error occurred during deployment: Exception while deploying the app [securewebapp] : org.xml.sax.SAXParseException; lineNumber: 28; columnNumber: 57; Deployment descriptor file WEB-INF/web.xml in archive [web]. cvc-pattern-valid: Value 'index.jsp' is not facet-valid with respect to pattern '/.*' for type '#AnonType_war-pathType'.. Please see server.log for more details.
/home/bjorn/NetBeansProjects/securewebapp/nbproject/build-impl.xml:1033: The module has not been deployed.
See the server log for details.
BUILD FAILED (total time: 2 seconds)
日志文件显示:
SEVERE: DPL8015: Invalid Deployment Descriptors in Deployment descriptor file WEB-INF/web.xml in archive [web].
Line 28 Column 57 -- cvc-pattern-valid: Value 'index.jsp' is not facet-valid with respect to pattern '/.*' for type '#AnonType_war-pathType'.
SEVERE: DPL8005: Deployment Descriptor parsing failure : cvc-pattern-valid: Value 'index.jsp' is not facet-valid with respect to pattern '/.*' for type '#AnonType_war-pathType'.
SEVERE: Exception while deploying the app [securewebapp]
SEVERE: org.xml.sax.SAXParseException; lineNumber: 28; columnNumber: 57; Deployment descriptor file WEB-INF/web.xml in archive [web]. cvc-pattern-valid: Value 'index.jsp' is not facet-valid with respect to pattern '/.*' for type '#AnonType_war-pathType'.
有人知道如何使安全的 Web 应用程序正常工作吗?
编辑:
文件 web.xml 包含:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<servlet>
<servlet-name>SecureServlet</servlet-name>
<servlet-class>SecureServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SecureServlet</servlet-name>
<url-pattern>/SecureServlet</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<security-constraint>
<display-name>Admin Pages</display-name>
<web-resource-collection>
<web-resource-name>Administrative Pages</web-resource-name>
<description/>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>file</realm-name>
<form-login-config>
<form-login-page>index.jsp</form-login-page>
<form-error-page>errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Administrator</description>
<role-name>admin</role-name>
</security-role>
<security-role>
<description>User</description>
<role-name>user</role-name>
</security-role>
</web-app>