You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Brandon Goodin <ma...@phase.ws> on 2004/02/23 07:53:53 UTC
security constraint bug?
I have the following security constraint specified in my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Customer Area</web-resource-name>
<url-pattern>/customer/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>customer</role-name>
</auth-constraint>
</security-constraint>
When I go to the following url it gets blocked.
http://phase.zapto.org:8282/customer.do
I'm assuming this is a bug. Is it not?
I'm using Tomcat 5.0.18
Brandon Goodin
Re: security constraint bug?
Posted by Bill Barker <wb...@wilshire.com>.
"Brandon Goodin" <ma...@phase.ws> wrote in message
news:200402230550.i1N5oWMP010515@gh-mail.centurytel.net...
> I have the following security constraint specified in my web.xml:
>
>
>
> <security-constraint>
>
> <web-resource-collection>
>
> <web-resource-name>Customer Area</web-resource-name>
>
> <url-pattern>/customer/*</url-pattern>
>
> </web-resource-collection>
>
> <auth-constraint>
>
> <role-name>customer</role-name>
>
> </auth-constraint>
>
> </security-constraint>
>
>
>
> When I go to the following url it gets blocked.
>
>
>
> http://phase.zapto.org:8282/customer.do
>
>
>
> I'm assuming this is a bug. Is it not?
>
It's a bug, which is fixed in 5.0.19.
>
>
> I'm using Tomcat 5.0.18
>
>
>
> Brandon Goodin
>
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org