geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From anita kulshreshtha <a_kuls...@yahoo.com>
Subject Re: [jira] Created: (GERONIMO-1585) Web app security on /* causes deployment exception
Date Mon, 06 Feb 2006 14:21:21 GMT
Page 22, last paragraph of JACC reads -
"........................ 
Any pattern, qualified by a pattern that matches it,
is overridden and made
irrelevant (in the translation) by the qualifying
pattern. Specifically, all extension
patterns and the default pattern are made irrelevant
by the presence of the path
prefix pattern "/*" in a deployment descriptor.
Patterns qualified by the "/*"
pattern violate the URLPatternSpec constraints of
WebResourcePermission and
WebUserDataPermission names and must be rejected by
the corresponding
permission constructors."
   
Thanks
Anita

--- John Sisson <jrsisson@gmail.com> wrote:

> This appears to be related to the issue raised
> around M4 with Jetty.  I 
> hadn't tried tomcat at the time.
> 
> http://issues.apache.org/jira/browse/GERONIMO-603
> 
> John
> 
> 
> anita kulshreshtha wrote:
> > Hmmm... , debug tool (G-1448) required a similar
> > modification. Is it time to recite the specs...?
> >
> > Thanks
> > Anita
> >
> > --- "Aaron Mulder (JIRA)"
> <dev@geronimo.apache.org>
> > wrote:
> >
> >   
> >> Web app security on /* causes deployment
> exception
> >>
> --------------------------------------------------
> >>
> >>          Key: GERONIMO-1585
> >>          URL:
> >>
> http://issues.apache.org/jira/browse/GERONIMO-1585
> >>      Project: Geronimo
> >>         Type: Bug
> >>   Components: web  
> >>     Versions: 1.0    
> >>  Environment: Geronimo 1.0 with Jetty
> >>     Reporter: Aaron Mulder
> >>     Priority: Critical
> >>      Fix For: 1.0.1, 1.1
> >>
> >>
> >> Deploying a web app with the following security
> >> block causes a deployment error:
> >>
> >>     <security-constraint>
> >>         <web-resource-collection>
> >>             <web-resource-name>All
> >> Pages</web-resource-name>
> >>             <url-pattern>/*</url-pattern>
> >>             <http-method>GET</http-method>
> >>             <http-method>POST</http-method>
> >>             <http-method>PUT</http-method>
> >>         </web-resource-collection>
> >>         <auth-constraint>
> >>             <role-name>User</role-name>
> >>         </auth-constraint>
> >>     </security-constraint>
> >>
> >> Note this is essentially right out of the spec
> (see
> >> SRV.12.8.2 in the Servlet 2.4 spec).
> >>
> >> The error is:
> >>
> >>    
> org.apache.geronimo.common.DeploymentException:
> >> Unable to initialize webapp GBean
> >>         at
> >>
> >>     
> >
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:842)
> >   
> >>         ...
> >>     Caused by:
> java.lang.IllegalArgumentException:
> >> Qualifier patterns in the URLPatternSpec cannot
> >> match the first URLPattern
> >>         at
> >>
> >>     
> >
>
javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:54)
> >   
> >>         at
> >>
> >>     
> >
>
javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:54)
> >   
> >>         at
> >>
> >>     
> >
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(JettyModuleBuilder.java:1215)
> >   
> >>         at
> >>
> >>     
> >
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:821)
> >   
> >>         ... 70 more
> >>
> >> Changing the url-pattern to / fixes the problem,
> but
> >> it seems to me that /* ought to work too.
> >>
> >> -- 
> >> This message is automatically generated by JIRA.
> >> -
> >> If you think it was sent incorrectly contact one
> of
> >> the administrators:
> >>   
> >>
> >>     
> >
>
http://issues.apache.org/jira/secure/Administrators.jspa
> >   
> >> -
> >> For more information on JIRA, see:
> >>    http://www.atlassian.com/software/jira
> >>
> >>
> >>     
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> > http://mail.yahoo.com 
> >
> >   
> 
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

Mime
View raw message