tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Fedulov <ifedu...@outlook.net>
Subject RE: Is it a BUG? (Tomcat Web Server v3.2 (final))
Date Tue, 05 Feb 2002 20:53:10 GMT

> This is a known bug in 3.2 and 3.2.1.  I think it was fixed
> in Tomcat 3.2.2.  It is not a problem in Tomcat 3.3 and
> Tomcat 4.x versions as well.

Thanks! Now I have to find out if it's possible to upgrade built in tomcat
in Netbeans to 3.3...


> > -----Original Message-----
> > From: Igor Fedulov [mailto:ifedulov@outlook.net]
> > Sent: Tuesday, February 05, 2002 3:31 PM
> > To: tomcat-user@jakarta.apache.org
> > Subject: Is it a BUG? (Tomcat Web Server v3.2 (final))
> >
> >
> >
> > Hello All:
> >
> > I'm new to this list, so please forgive me if I post
> > something which was
> > posted before. I tried to search
> > http://www.mail-archive.com/tomcat-user@jakarta.apache.org/
> > and come up
> > with nothing.
> >
> > Environment:
> > 1. Netbeans 3.3.1 with built in Tomcat 3.2 server
> > 2. web.xml fragment:
> > 	<security-constraint>
> > 		<web-resource-collection>
> >
> > <web-resource-name>SecurePages</web-resource-name>
> > 			<description>Security constraint for
> > resources in
> > the secure directory</description>
> > 			<url-pattern>/secure/*</url-pattern>
> > 			<http-method>POST</http-method>
> > 			<http-method>GET</http-method>
> > 		</web-resource-collection>
> >
> > 		<auth-constraint>
> > 			<description>only let the system user login
> > </description>
> > 			<role-name>admin</role-name>
> > 		</auth-constraint>
> >
> > 		<user-data-constraint>
> > 			<description>SSL not required</description>
> > 			<transport-guarantee>NONE</transport-guarantee>
> > 		</user-data-constraint>
> > 	</security-constraint>
> >     	<login-config>
> >     		<auth-method>FORM</auth-method>
> >     		<form-login-config>
> >
> > <form-login-page>/LoginForm.html</form-login-page>
> >
> > <form-error-page>/LoginError.html</form-error-page>
> >     		</form-login-config>
> >     	</login-config>
> > 	<security-role>
> > 	    <description>Admin ROLE</description>
> > 	    <role-name>admin</role-name>
> >  	</security-role>
> > 3. Problem:
> >
> > a. request such as http://localhost:8080/secure getting routed to
> > /LoginForm.html as described in web.xml which is cool and what I want.
> > b. request such as http://localhost:8080//secure returns directory
> > listing of secure directory without auth...
> >
> > If this is fixed or known bug please let me know.
> >
> > Thanks!
> >
> > --
> > Best regards,
> > --
> > HTTP is a stateless protocol, and the Internet is a stateless
> > development
> > environment
> > --
> > Igor Fedulov
> > E-mail : ifedulov@outlook.net
> > Work Ph: 773.775.1595
> > Home Ph: 773.281.8938
> > Cell Ph: 773.580.5935
> >
> >
> >
> >
> > --
> > To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> > Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
> >
>
> --
> To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
> Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>
>

-- 
Best regards,
--
HTTP is a stateless protocol, and the Internet is a stateless development
environment
--
Igor Fedulov
E-mail : ifedulov@outlook.net
Work Ph: 773.775.1595
Home Ph: 773.281.8938
Cell Ph: 773.580.5935




--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message