tomcat-dev mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 4374] New: - bypass of authentication mechanism
Date Tue, 23 Oct 2001 18:59:40 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4374>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=4374

bypass of authentication mechanism

           Summary: bypass of authentication mechanism
           Product: Tomcat 4
           Version: 4.0.1 Final
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Unknown
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: mike.adair@ccrs.nrcan.gc.ca


The container based security mechanism in tomcat can be bypassed by accessing 
the protected page using <jsp:include/> or <jsp:forward/>.  A user can access
the page with a null username, where I think the login form should be displayed.

This is occurring with the MemoryRealm, as well as with my custom JDBC realm 
implementation.  It also applies to tomcat v3.2.3.

I will add an attachment to this bug report which is a jsp file that can be 
used in the webapps/examples/jsp directory to demonstrate the problem.
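The report's symptom is that a resource reached through a RequestDispatcher (what <jsp:include/> and <jsp:forward/> compile to) is served with a null username, because the web.xml security constraint is only evaluated on the original request. The following servlet, added here as an example and not code from the reporter, the attached JSP, or Tomcat itself, shows the defence-in-depth check a protected resource can make on its own: it refuses to render unless the container actually authenticated the caller, whichever path the request arrived by. The servlet name, the `/login.jsp` path and the `reportuser` role are assumptions for the example.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical protected resource (added example, not Tomcat or reporter code).
// The container's <security-constraint> only guards the request as it first
// enters the container; a resource reached via RequestDispatcher include/forward
// is served without the login form, so the resource re-checks the principal.
public class ProtectedReportServlet extends HttpServlet {

    // Assumed login page and role name for this example.
    private static final String LOGIN_PAGE = "/login.jsp";
    private static final String REQUIRED_ROLE = "reportuser";

    // Standard attribute set by the container on an included request (Servlet 2.2+).
    private static final String INCLUDE_URI_ATTR = "javax.servlet.include.request_uri";

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        if (!isAuthenticated(request)) {
            // A null principal is exactly the symptom in the report: the container
            // never ran its login for this request. Withhold the body in all cases.
            if (request.getAttribute(INCLUDE_URI_ATTR) != null) {
                // Included resources may not set headers or status per the servlet
                // spec (such calls are ignored), so the only safe action is to write
                // nothing; the including page must handle the missing content.
                return;
            }
            if (!response.isCommitted()) {
                // Direct request or forward: the response is still ours to redirect.
                response.sendRedirect(request.getContextPath() + LOGIN_PAGE);
            }
            return;
        }
        response.setContentType("text/plain");
        response.getWriter().println("Protected content for " + request.getRemoteUser());
    }

    // Programmatic security API from the servlet spec: both methods return null
    // when no authentication has taken place on this request, and isUserInRole()
    // returns false in that case.
    static boolean isAuthenticated(HttpServletRequest request) {
        return request.getUserPrincipal() != null
                && request.getRemoteUser() != null
                && request.isUserInRole(REQUIRED_ROLE);
    }
}
```

A JSP can perform the same check in a scriptlet at the top of the page using the implicit `request` object; the important point is that the check lives in the protected resource rather than relying solely on the declarative constraint, so the include and forward paths the report describes yield no content even when the container has skipped its login.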
