I’m trying to use the override-web.xml feature (https://www.eclipse.org/jetty/documentation/current/override-web-xml.html) to override some of the web.xml configuration in an app. There are two parts of web.xml that I need to override, the<transport-guarantee> and <form-login-page> . So my WebAppContext configuration includes this:
<Set name="overrideDescriptor">override-web.xml</Set>
And my override-web.xml look like this:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Health E Systems</realm-name>
<form-login-config>
<form-login-page>/login/login.html</form-login-page>
<form-error-page>/login/login_error.html</form-error-page>
</form-login-config>
</login-config>
</web-app>
It seems that the <transport-guarantee> is working (when I run I am not required to use https), but the login page doesn’t seem to be working. I am not automatically redirected to that page as expected (it does work as intended if I simply change the<form-login-page> value directly in the app’s web.xml).
Am I doing something wrong? Is there a limit as to what can be overridden with this capability?
Thanks,
Eric