Hello,
I'm trying to protect a JSP behind a login page on SAP NW 7.4. Nobody should be able to access the page unless they login beforehand (using the default NW Login).
Like stated here: Specifying Authentication for Java Applications - Integrating Security Functions - SAP Library. (and the pages in the same chapter)
I added these lines to the web.xml in the Web project:
<login-config>
<auth-method>FORM</auth-method>
</login-config>
And these in web-j2ee-engine.xml:
<login-module-configuration>
<login-module-stack>
<login-module>
<login-module-name>BasicPasswordLoginModule</login-module-name>
<flag>SUFFICIENT</flag>
</login-module>
</login-module-stack>
</login-module-configuration>
However, when I deploy the project I can still access the page without providing my credentials first.
Can you help me find whats missing?
Thanks and best Regards
Fabio Zuber