Hello,

I'm having problems with the security settings in my java dynamic web app, the problem is when I try to log in I'm keep getting to the login-error.jsp page even when I type the right username and password and never to the logged.html page.
I have written this code in the web.xml file :

<security-constraint>
<web-resource-collection>
<web-resource-name>Sensitive</web-resource-name>
<url-pattern>/logged.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/logged.html</form-login-page>
<form-error-page>/login-error.jsp</form-error-page>
</form-login-config>
</login-config>

<security-role>
<role-name>administrator</role-name>
</security-role>


and this code in the tomcat-users.xml file that in the " tomcat7/conf/ " dir :

<?xml version='1.0' encoding='utf-8'?>

<tomcat-users>
<role rolename="administrator"/>
<user name="admin" password="admin" roles="administrator" />
</tomcat-users>


Thanks for any suggestion...