tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Request not forwarded to login page with security-constraint after session time-out
Date Fri, 27 Feb 2009 16:38:38 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chuck,

On 2/26/2009 5:39 PM, Caldarale, Charles R wrote:
>> From: Mark Thomas [mailto:markt@apache.org] Subject: Re: Request
>> not forwarded to login page with security-constraint after session
>> time-out
>> 
>> The spec is clearer than that. The "*" role == all roles defined in
>> web.xml.
> 
> Yes, but what it's not clear about is what happens when there are
> *no* roles defined in web.xml, which is the situation the OP has.

It's worse than that: he has no roles table defined, so he gets
SQLExceptions during authorization.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmoFw4ACgkQ9CaO5/Lv0PBD+wCfSVVvZBRbJ85MtrcIPM8FA/VR
kJcAn1DH5tT9Zs4V/XbBPI7pqRfrvpDk
=vOo5
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message