Hi,all

I got the attraction example with SQLServer, and everything is fine except
WARNING: Security role name attraction used in an <auth-constraint> without being defined in a <security-role>

and When I logon

I got this

message /attraction/j_secruity_check
description The requested resource (/attraction/j_secruity_check) is not available.

Before I came here, I had gone around these resources:

http://tomcat.apache.org/tomcat-3.3-...alm-howto.html
http://www.onjava.com/pub/a/onjava/2002/06/12/form.html
http://p2p.wrox.com/topic.asp?TOPIC_...Authentication

and the Context in server.xml lies below:

    <Context path="/attraction" docBase="attraction" debug="0" reloadable="true">
        <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
            driverName="com.microsoft.jdbc.sqlserver.SQLServer Driver"
            connectionURL="jdbc:microsoft:sqlserver://127.0.0.1:1433;DatabaseName=MK;"
            connectionPassword=""
            connectionName="mk"
            userTable="attraction"
            userNameCol="user_id"
            userCredCol="password"
            userRoleTable="user_role"
            roleNameCol="role_name"
        />
    </Context>

In the Web.xml:
<security-constraint>
    <auth-constraint>
        <role-name>attraction</role-name>
    </auth-constraint>
</security-constraint>

And I am sure about the basic environment is ok, such as struts.jar,connectionPool,struts-config.xml, Tomcat5.5.16,etc.

Please Help me out, or just communicate here.
I saw so much people come around this problem, but none get answered in this forum.
And Actually I surfing around the websites, maybe this is the last one I can do.

Any useful information on above is appreciated

the current status of the problem
13:24:46 8/4/2006
after modified as below, no warn again, but the link is Wrong
     <security-constraint>
<!--
      <auth-constraint>
          <role-name>attraction</role-name>
      </auth-constraint>
       -->
  </security-constraint>
  <security-role>
      <role-name>attraction</role-name>
  </security-role>

14:04 8/4/2006
Modified the Action and struts-config.xml, we got this:
Now we got the gut:
HTTP Status 404 - /attraction/j_secruity_check
message /attraction/j_secruity_check
description The requested resource (/attraction/j_secruity_check) is not available.

18:08:12 8/4/06
ÐÞ¸ÄÔ´´úÂëΪ
<form action="<%= response.encodeURL("j_security_check") %>" focus="j_username" method="post">


µ«ÊdzöÏÖ²»ÄÜÁ¬½ÓÓÐЧÊý¾Ý¿ âµÄ´íÎó:
Can't start a cloned connection while in manual transaction mode.µÈµÈ
ËùÒÔÔÚÁ¬½Ó×Ö·û´®ÖмÓÈëÏÂà æµÄºì×Ö
connectionURL="jdbc:microsoft:sqlserver://127.0.0.1:1433;DatabaseName=MK;SelectMethod=cursor "
×¢ÒâÖ»ÔÚjdbcRealmÖÐÌí¼Ó¾Í¿ÉÒÔà Ã‹,²»ÓÃÔÚDBInitServlet³õʼ»¯Ê±Ò²à ŒÃ­Â¼Ã“.

³öÏÖµÄÎÊÌâÊǵ±Ñé֤ͨ¹ýºó, »Ã¡Â³Ã¶ÃÃ–ÏÂÃæµÄÎÊÌâ
HTTP Status 400 - Invalid direct reference to form login page
description The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).

²»ÄÜÖ±½ÓÒýÓõǼҳÃæ,ÒòΪà ŽÃ’Ã”ÃšactionдÁ˸öתÏò´úÂë(×Ô×÷ ´ÏÃ÷)
µ±Óöµ½±£»¤ÄÚÈݺó,»á×Ô¶¯µØà —ÂªÂµÂ½ÂµÃ‡Ã‚Â¼Ã’Â³ÃƒÃ¦ÂµÃ„.