14.5.4.3.2. Configuring the web.xml
Before configuring your application as an Service Provider you need to add some configurations to your web.xml.
Let's start by defining a security-constraint element to restrict access to resources from unauthenticated users:
<security-constraint> <web-resource-collection> <web-resource-name>Manager command</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>manager</role-name> </auth-constraint> </security-constraint> <security-role> <description> The role that is required to log in to the Manager Application </description> <role-name>manager</role-name> </security-role>
As you can see above, we define that only users with a role named manager are allowed to access the protected resources. Make sure to give your users the same role you defined here, otherwise they will get a 403 HTTP status code.
During the logout process, PicketLink will try to redirect the user to a logout.jsp page located at the root directory of your application. Please, make sure to create it.
Important
Please, make sure you have a welcome file page in your application. You can define it in your web.xml or simply create an index.jsp at the root directory of your application.