tomcat-users mailing list archives

From "MCCAY,LARRY (HP-NewJersey,ex2)" <lawrence_mccay-...@hp.com>
Subject Servlet Constraint Matching
Date Wed, 16 Jan 2002 05:43:46 GMT
Hi,

I am having trouble determining tomcat 4.0.1's implementation of constraint
match semantics.
I have a simple application for testing what I expect the matching behavior
to be - I have attached the .war file for your enjoyment.

My expectation is that an implementation of "best match" would result in a
precedence as follows:

1. Exact matches
2. Prefix matches longest (most precise) first - prefix constraints should
be sorted by length
3. Extension matches
4. Default matches

What I am observing appears to be closer to "first match" behavior.

I'm just hoping to get some insight into what the behavior is supposed to
be.

Thanks in advance,

--Larry

My web.xml is:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
                         "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>    
<servlet>
	<servlet-name>Constraints</servlet-name>
	<servlet-class>test.ConstraintMatchingServlet</servlet-class>
</servlet>

<servlet-mapping>
	<servlet-name>Constraints</servlet-name>
	<url-pattern>/acme/widget/x</url-pattern>
</servlet-mapping>

<servlet-mapping>
	<servlet-name>Constraints</servlet-name>
	<url-pattern>/acme/widget/longerprefix/x</url-pattern>
</servlet-mapping>

<welcome-file-list>
	<welcome-file>index.jsp</welcome-file>
</welcome-file-list>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-get-manager</web-resource-name>
		<url-pattern>*.jsp</url-pattern>
		<http-method>GET</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>NONE</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-get-manager</web-resource-name>
		<url-pattern>/acme/widget/*</url-pattern>
		<http-method>GET</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>NONE</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-get-manager</web-resource-name>
		<url-pattern>/acme/widget/longerprefix/*</url-pattern>
		<http-method>GET</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>developer</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>NONE</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-get-manager</web-resource-name>
		<url-pattern>/acme/widget/longerprefix/FormPostForManager.jsp</url-pattern>
		<http-method>GET</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>NONE</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-get-manager</web-resource-name>
		<url-pattern>/acme/widget/ssl/*</url-pattern>
		<http-method>GET</http-method>
		<http-method>POST</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>INTEGRAL</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>exact-post-manager</web-resource-name>
		<url-pattern>/acme/widget/longerprefix/x</url-pattern>
		<http-method>POST</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
	<user-data-constraint>
		<transport-guarantee>INTEGRAL</transport-guarantee>
	</user-data-constraint>
</security-constraint>

<security-constraint>
	<web-resource-collection>
		<web-resource-name>prefix-get-post-manager-developer</web-resource-name>
		<url-pattern>/acme/widget/ssl/*</url-pattern>
		<http-method>GET</http-method>
		<http-method>POST</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>manager</role-name>
	</auth-constraint>
</security-constraint>

<login-config>
	<auth-method>BASIC</auth-method>
	<realm-name>Constraint Matching Application</realm-name>
</login-config>
</web-app>

--------------------------------------------
Larry McCay Senior Architect 
HP Bluestone
6000 Irwin Road
Mount Laurel, NJ 08054 USA
TEL +1 856.638.6035
FAX +1 856.638.6190
EMAIL lawrence_mccay-iii@hp.com
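
The "best match" precedence the message expects, next to "first match" in declaration order, as an added example that is not part of the original message and is not Tomcat's code. The class and method names and the request path are hypothetical; the constraints are the first four from the web.xml above.

```java
import java.util.*;

public class ConstraintMatchDemo {
    // One <security-constraint> from the web.xml above: pattern, methods, role.
    record Constraint(String pattern, Set<String> methods, String role) {}

    // Rank of a pattern against a path under the expected precedence:
    // exact > longest prefix > extension > default; -1 means no match.
    static int rank(String pattern, String path) {
        if (pattern.equals(path)) return Integer.MAX_VALUE;           // 1. exact
        if (pattern.endsWith("/*")) {                                  // 2. prefix, longer wins
            String prefix = pattern.substring(0, pattern.length() - 2);
            boolean hit = path.equals(prefix) || path.startsWith(prefix + "/");
            return hit ? 2 + prefix.length() : -1;
        }
        if (pattern.startsWith("*.")) {                                // 3. extension
            int slash = path.lastIndexOf('/'), dot = path.lastIndexOf('.');
            return (dot > slash && path.substring(dot).equals(pattern.substring(1))) ? 1 : -1;
        }
        return pattern.equals("/") ? 0 : -1;                           // 4. default
    }

    // "First match": the first declared constraint that covers method and path.
    static Constraint firstMatch(List<Constraint> cs, String method, String path) {
        for (Constraint c : cs)
            if (c.methods().contains(method) && rank(c.pattern(), path) >= 0) return c;
        return null;
    }

    // "Best match": the covering constraint with the highest rank.
    static Constraint bestMatch(List<Constraint> cs, String method, String path) {
        Constraint best = null;
        for (Constraint c : cs)
            if (c.methods().contains(method) && rank(c.pattern(), path) >= 0
                    && (best == null || rank(c.pattern(), path) > rank(best.pattern(), path)))
                best = c;
        return best;
    }

    public static void main(String[] args) {
        // First four constraints from the web.xml above, in declaration order.
        List<Constraint> cs = List.of(
            new Constraint("*.jsp", Set.of("GET"), "manager"),
            new Constraint("/acme/widget/*", Set.of("GET"), "manager"),
            new Constraint("/acme/widget/longerprefix/*", Set.of("GET"), "developer"),
            new Constraint("/acme/widget/longerprefix/FormPostForManager.jsp", Set.of("GET"), "manager"));
        String path = "/acme/widget/longerprefix/other.jsp"; // constructed request path
        System.out.println("first: " + firstMatch(cs, "GET", path));
        System.out.println("best:  " + bestMatch(cs, "GET", path));
    }
}
```

For the constructed path, first match selects the `*.jsp` constraint (role manager) while best match selects `/acme/widget/longerprefix/*` (role developer), so the two policies demand different roles for the same request.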
 
 

