tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Security Constraint conflict
Date Fri, 18 Sep 2009 21:04:49 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter,

On 9/18/2009 4:34 PM, Peter Holcomb wrote:
> Thanks for your response.  I've read through the example in 13.7.2 of
> the spec

Which version of the spec? I don't see a section 13.8 at all in either
2.4 or 2.5 of the spec. I see the heading "Combining Constraints" listed
under 12.7.1.

> but I don't think I'm understanding how the union works.

I think Tim is incorrect, here. Neither the url-pattern nor the
http-methods overlap, therefore no combining should occur.

> According to my thought process, the url patterns are:
> 
> *.xhtml - access precluded
> 
> /* PUT,DELETE,TRACE,OPTIONS - access precluded

The example I see in 12.7.2 seems to support your expectations.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqz9fEACgkQ9CaO5/Lv0PCyhQCghhbzT4ruq1in03G4GTbsI2DD
v7UAmgKCOefa4O0gcDBTsnDHHePDDSY9
=UViR
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message