tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Tomcat Security and Struts
Date Wed, 22 Apr 2009 16:37:01 GMT
Caldarale, Charles R wrote:
>> From: Mikolaj Rydzewski []
>> Subject: Re: Tomcat Security and Struts
>> Mark Thomas wrote:
>>> <url-pattern>/*</url-pattern> will protect everything.
>> If  your login page uses any external assets (images, stylesheets,
>> etc), it will become corrupted (assets won't load).
> Care to explain that?  The above construct seems to work fine for our static resources.
Maybe this : if the login page itself contains a link to a gif located 
in the same area, trying to load that gif will also hit the 
authentication bit, and trigger another login page, before the first 
even finishes displaying ?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message