tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yann Cebron" <yann...@yahoo.de>
Subject Re: [Repost] TC 5.0.18: behaviour of <security-constraint> changed??
Date Sat, 07 Feb 2004 11:42:41 GMT
Bill,

thanks for confirming this.. I really wonder why nobody else noticed this
before - I'm probably the only one using protected dirs with one character
:-)

 Yann

> Yup, that's a bug.  It's fixed now in the CVS, and will appear in 5.0.19
> (due out in a week or so).
>
> "Yann Cebron" <yannc76@yahoo.de> wrote in message
> news:c00q15$i9r$1@sea.gmane.org...
> > Hi,
> >
> > I have a strange problem with my Struts-Webapp (nightly build) on
5.0.18 -
> > every TC version before worked like expected (4.1.x as well as 5.1.x.
but
> > maybe I'm getting the SERVLET2.4 spec wrong, and some changes have been
> made
> > to 5.0.18 regarding this aspect).
> >
> > I have declared a <security-constraint> with no (empty element) assigned
> > roles for a whole subdirectory containing my JSP pages and other stuff:
> > <url-pattern>/s/*</url-pattern>. Now direct access to this directory
and
> the
> > pages is not possible anymore, everything has to be accessed with the
> > corresponding Struts-Actions.
> >
> > Now comes my problem: *every* Struts-Action whose path starts with the
> > character 's' (just like my protected subdir is named) does not work
> > anymore - TC pops in and wants me to authenticate. Apparently TC is
trying
> > to access "/context/s/" instead of executing "/context/someaction.do"
> which
> > would call the ActionForward "/s/mypage.jsp".
> >
> > I know I can put the stuff as well under /WEB-INF/ to protect the pages,
> but
> > I'm just curious why it does not behave like it did before.
> >
> > Thanks in advance,
> >
> > Yann




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message