tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 6279] - Resubmit to j_security_check mistakenly fetches a page of that name
Date Wed, 06 Aug 2003 15:39:16 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6279

Resubmit to j_security_check mistakenly fetches a page of that name

Brian.Ewins@btinternet.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX



------- Additional Comments From Brian.Ewins@btinternet.com  2003-08-06 15:39 -------
Since people have emailed me directly several times to ask what happened to this
bug, I did a bit of digging. There has been some recent discussion on tomcat-dev:

The 'authenticated but not authorized' case is discussed again here:
http://nagoya.apache.org/eyebrowse/ReadMsg?listId=46&msgNo=58450

An alternate patch for the problem from Jeff Tulley, which also redirects to
error pages:
http://nagoya.apache.org/eyebrowse/ReadMsg?listId=46&msgNo=58547
Remy said of this one: "I won't commit this to TC 4.1.x at this time; I'll give
it a try in TC 5, and see how it works."

Remy gives a good explanation of whats potentially wrong with the patches
attached to this bug here:
http://nagoya.apache.org/eyebrowse/ReadMsg?listName=46&msgId=716594

However, Jeff's patch has been applied in TC5 - forwarding is now the default:
http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/FormAuthenticator.java.diff?r1=1.2&r2=1.3&diff_format=h

Since the bug is fixed in TC5, and Remy has already indicated that it will not
be going into 4.1.x, I am closing this bug report as WONTFIX. I know other bugs
were marked as duplicates of this, so if anyone else on the cc list strenuously
objects please feel free to reopen it.

Mime
View raw message