geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Sisson (JIRA)" <...@geronimo.apache.org>
Subject [jira] Created: (GERONIMO-603) IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint
Date Thu, 10 Mar 2005 09:42:52 GMT
IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint
----------------------------------------------------------------------------------------------------

         Key: GERONIMO-603
         URL: http://issues.apache.org/jira/browse/GERONIMO-603
     Project: Geronimo
        Type: Bug
  Components: web  
    Reporter: John Sisson


For example,

<web-app>
  ..
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Access to all of the APP</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
  ..
  </security-constraint>
  ..
</web-app>

The java.lang.IllegalArgumentException("Qualifier patterns in the URLPatternSpec cannot match
the first URLPattern") exception is thrown from:

javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54
javax.security.jacc.WebResourcePermission.<init>(java.lang.String, java.lang.String)
line: 54
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..) line:
1000
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line: 400

Looking at the last paragraph of page 22 of the JACC spec, it seems this should be allowed
as it paragraph discusses patterns being made irrelevant by the presence of the path prefix
pattern "/*" in a deployment descriptor.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


Mime
View raw message