geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Sportes (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-2420) No support of WebDAV http-methods (MKCOL ...) in web-app with security-constraint
Date Mon, 25 Sep 2006 08:29:50 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-2420?page=all ]

Daniel Sportes updated GERONIMO-2420:
-------------------------------------

    Attachment: http-1.txt

http flow for case a)

> No support of WebDAV http-methods (MKCOL ...) in web-app with security-constraint
> ---------------------------------------------------------------------------------
>
>                 Key: GERONIMO-2420
>                 URL: http://issues.apache.org/jira/browse/GERONIMO-2420
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: deployment
>         Environment: Release in WASCE (probably 1.0) - Windows XP - Java 1.5
>            Reporter: Daniel Sportes
>         Attachments: err.log, http-1.txt, http-2.txt, server-Bug-Deployment.log, web-app_2_4b.xsd,
web.xml
>
>
> The schema web-app_2_4.xsd does not accept WebDAV http-method as PROPFIND, MKCOL, etc.
in security-constraint (in web.xml).
> As consequence as I develop a business server based on WebDAV, I cannot require an authentication
for accessing the WebDAV servlet. Just observe it is possible with Tomcat.
> As the error message indicates the web-app_2_4.xsd schema, I patched this schema in the
directory %install%/schema.
> Eclipse is now happy and does not mark anymore my web.xml in error.
> However, this causes an exception at deployment in the server.
> If I remove all forbidden http-method, no more deployment exception of course, but I
do not receive PROPFIND method calls in my servlet.
> If I completely remove the security-constraint section, PROPFIND methods are correctly
received in my servlet ... but the user authentication is no more required (that is not an
acceptable solution for a business server). The method list seems to be coded somewhere else
than in the schema.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message