tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Request not forwarded to login page with security-constraint after session time-out
Date Mon, 02 Mar 2009 16:49:10 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Marcel,

On 2/27/2009 5:17 PM, Marcel Stör wrote:
> 
> On 27.02.2009, at 17:38, Christopher Schultz wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Chuck,
>>
>> On 2/26/2009 5:39 PM, Caldarale, Charles R wrote:
>>>> From: Mark Thomas [mailto:markt@apache.org] Subject: Re: Request
>>>> not forwarded to login page with security-constraint after session
>>>> time-out
>>>>
>>>> The spec is clearer than that. The "*" role == all roles defined in
>>>> web.xml.
>>>
>>> Yes, but what it's not clear about is what happens when there are
>>> *no* roles defined in web.xml, which is the situation the OP has.
>>
>> It's worse than that: he has no roles table defined, so he gets
>> SQLExceptions during authorization.
> 
> 
> [OT]
> Yes, indeed.
> I had expected that Tomcat would handle this more gracefully. I find it
> odd that JDBCRealm does try to run a query against the role table
> without checking first if one has even been defined. This is
> particularly annoying because the <Realm> tag in context.xml cannot be
> validated against a DTD or schema -> from a configuration point of view
> I'm not required to define it.

Patches are always welcome :)

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmsDgYACgkQ9CaO5/Lv0PDrGwCgvcKAeb9tIPqIRGmAgw2ClvTl
0qAAoMQhP6hh/VorqRKMyy4gR62pVbMw
=BSPA
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message