geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gary Karasiuk (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-1585) Web app security on /* causes deployment exception
Date Tue, 07 Feb 2006 12:01:57 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-1585?page=comments#action_12365423 ] 

Gary Karasiuk commented on GERONIMO-1585:
-----------------------------------------

As a new user who just spent two days trying to track down what the message "Qualifier patterns
in the URLPatternSpec cannot match the first URLPattern" means, with no hint of even which
file the error is in, or which line number is causing the error; I would advocate that if
there is ambiguity in the spec, that we should error on the side of being more user friendly.
That is, don't throw an error. But if you decide to throw an error, then please make it easy
to correct.

Other app servers allow the "/*" pattern.  And for people like me who are trying to run existing
applications, we would prefer not to have an "extra" restrictions. 


> Web app security on /* causes deployment exception
> --------------------------------------------------
>
>          Key: GERONIMO-1585
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1585
>      Project: Geronimo
>         Type: Bug
>   Components: web, security
>     Versions: 1.0
>  Environment: Geronimo 1.0 with Jetty
>     Reporter: Aaron Mulder
>     Priority: Critical
>      Fix For: 1.0.1, 1.1

>
> Deploying a web app with the following security block causes a deployment error:
>     <security-constraint>
>         <web-resource-collection>
>             <web-resource-name>All Pages</web-resource-name>
>             <url-pattern>/*</url-pattern>
>             <http-method>GET</http-method>
>             <http-method>POST</http-method>
>             <http-method>PUT</http-method>
>         </web-resource-collection>
>         <auth-constraint>
>             <role-name>User</role-name>
>         </auth-constraint>
>     </security-constraint>
> Note this is essentially right out of the spec (see SRV.12.8.2 in the Servlet 2.4 spec).
> The error is:
>     org.apache.geronimo.common.DeploymentException: Unable to initialize webapp GBean
>         at org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:842)
>         ...
>     Caused by: java.lang.IllegalArgumentException: Qualifier patterns in the URLPatternSpec
cannot match the first URLPattern
>         at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:54)
>         at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:54)
>         at org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(JettyModuleBuilder.java:1215)
>         at org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:821)
>         ... 70 more
> Changing the url-pattern to / fixes the problem, but it seems to me that /* ought to
work too.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message