tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Tomcat Security and Struts
Date Wed, 22 Apr 2009 16:37:01 GMT
Caldarale, Charles R wrote:
>> From: Mikolaj Rydzewski [mailto:miki@ceti.pl]
>> Subject: Re: Tomcat Security and Struts
>>
>> Mark Thomas wrote:
>>> <url-pattern>/*</url-pattern> will protect everything.
>>>
>> If  your login page uses any external assets (images, stylesheets,
>> etc), it will become corrupted (assets won't load).
> 
> Care to explain that?  The above construct seems to work fine for our static resources.
> 
Maybe this : if the login page itself contains a link to a gif located 
in the same area, trying to load that gif will also hit the 
authentication bit, and trigger another login page, before the first 
even finishes displaying ?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message