tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Kohll <oli...@gtwm.co.uk>
Subject Re: auth-constraint in web.xml in tomcat 5.5.15
Date Mon, 06 Feb 2006 10:54:55 GMT
Thanks. Commenting out the <auth-constraint> got the result I want.

Oliver

On 3 Feb 2006, at 17:54, Mark Thomas wrote:

> Oliver Kohll wrote:
>> Hi,
>>
>> I have security for a web application managed by a DataSource   
>> database
>> realm. Using tomcat 5.5.14 this works fine but in 5.5.15  there  
>> seems to
>> be a problem.
>
>> The problem seems to be the <role-name>*</role-name> line. If I put a
>> specific role in, users in that role can log in but the * wildcard
>> doesn't work. A 403 HTTP rejection is issued if the user inputs a
>> correct username and password (if they put in the wrong username/
>> password, it prompts again as expected). As users themselves can add
>> roles to the database, I don't know what the roles may be so I  
>> have  to
>> use the wildcard.
>
> The special role "*" means all roles specified in web.xml. It does not
> mean all roles specified in the realm nor does it mean all
> authenticated users.
>
> The fix for 15570 was to correctly handle "*". It used to be
> interpreted as all authenticated users. It is now correctly
> interpreted as all roles defined in web.xml.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

oliver@gtwebmarque.com / 0845 456 1810 / 07814 828608
Furze Bank, 34 Hanover Street, SWANSEA UK, SA1 6BA


NOTE
No contracts may be concluded on behalf of GT webMarque by means of e- 
mail
communications. The contents of this e-mail are confidential to the
intended recipient at the e-mail address to which it has been addressed;
it may not be disclosed to or used by anyone other than this addressee,
nor may it be copied in any way. If received in error please return to
sender via e-mail.

DISCLAIMER
Please note that neither GT webMarque Ltd nor the sender accept any
responsibility for viruses transmitted via e-mail. It is your
responsibility to scan attachments (if any).



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message