geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From anita kulshreshtha <a_kuls...@yahoo.com>
Subject Re: Extension pattern, i.e. *.do in security constraints
Date Sat, 20 Jan 2007 11:06:16 GMT
  This was reported in 
https://issues.apache.org/jira/browse/GERONIMO-1585#action_12436703
   Please note that the presence/absence of authorization constraint
and a role ( same or different ) in  second security constraint does
not make any difference.

Thanks
Anita

--- David Jencks <david_jencks@yahoo.com> wrote:

> It looks to me as if it should be allowed.  What is the error?
> 
> thanks
> david jencks
> 
> On Jan 19, 2007, at 7:41 PM, anita kulshreshtha wrote:
> 
> >    We do not allow this combintaion of URL patterns in
> > web-resource-collection. This is in line with JACC
> > http://java.sun.com/j2ee/1.4/docs/api/javax/security/jacc/ 
> > WebResourcePermission.html
> >
> >    <security-constraint>
> >         <web-resource-collection>
> >             <web-resource-name>Admin Role</web-resource-name>
> >             <url-pattern>*.do</url-pattern>
> >         </web-resource-collection>
> >         <auth-constraint>
> >             <role-name>content-administrator</role-name>
> >         </auth-constraint>
> >     </security-constraint>
> >
> >     <security-constraint>
> >         <web-resource-collection>
> >             <web-resource-name>Unrestricted
> ACCESS</web-resource-name>
> >             <url-pattern>/login.do</url-pattern>
> >         </web-resource-collection>
> >     </security-constraint>
> >
> >     The following url-patterns are allowed with *.do -
> >      -  /login/*, /login.do/* , i.e. path prefix patterns
> >      -  login.do, i.e. Exact patterns matching *.do
> >      - login.do/, login.do/*
> >     Does anyone know why the above web.xml fragment should or
> should
> > not be allowed?
> >
> > Thanks
> > Anita
> >
> >
> >
> >
>
______________________________________________________________________
> 
> > ______________
> > Get your own web address.
> > Have a HUGE year through Yahoo! Small Business.
> > http://smallbusiness.yahoo.com/domains/?p=BESTDEAL
> 
> 



 
____________________________________________________________________________________
Do you Yahoo!?
Everyone is raving about the all-new Yahoo! Mail beta.
http://new.mail.yahoo.com

Mime
View raw message