geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matt Hogstrom (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-603) IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint
Date Thu, 17 Nov 2005 12:13:41 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-603?page=all ]

Matt Hogstrom updated GERONIMO-603:
-----------------------------------

    Fix Version: 1.1
                     (was: 1.0)

Not sure if this is still an issue.  Alan, I'm moving it to 1.x.  Feel free to bring it back
if you think this needs to be fixed for 1.0

> IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint
> ----------------------------------------------------------------------------------------------------
>
>          Key: GERONIMO-603
>          URL: http://issues.apache.org/jira/browse/GERONIMO-603
>      Project: Geronimo
>         Type: Bug
>   Components: web
>     Reporter: John Sisson
>     Assignee: Alan Cabrera
>      Fix For: 1.1

>
> For example,
> <web-app>
>   ..
>   <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>Access to all of the APP</web-resource-name>
>       <url-pattern>/*</url-pattern>
>     </web-resource-collection>
>   ..
>   </security-constraint>
>   ..
> </web-app>
> The java.lang.IllegalArgumentException("Qualifier patterns in the URLPatternSpec cannot
match the first URLPattern") exception is thrown from:
> javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54
> javax.security.jacc.WebResourcePermission.<init>(java.lang.String, java.lang.String)
line: 54
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..) line:
1000
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line: 400
> Looking at the last paragraph of page 22 of the JACC spec, it seems this should be allowed
as it paragraph discusses patterns being made irrelevant by the presence of the path prefix
pattern "/*" in a deployment descriptor.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message