You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2001/09/20 11:21:38 UTC
DO NOT REPLY [Bug 3743] New: -
double slash bypasses BASIC authentication
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3743>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=3743
double slash bypasses BASIC authentication
Summary: double slash bypasses BASIC authentication
Product: Tomcat 3
Version: 3.2.1 Final
Platform: PC
URL: http://localhost:8080/admin//contextAdmin/contextAdmin.h
tml
OS/Version: Windows NT/2K
Status: UNCONFIRMED
Severity: Normal
Priority: Other
Component: Auth
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: analogueboy@blueyonder.co.uk
When you click on 'Context Admin' from http://localhost:8080/admin/index.html,
you are prompted with a username/password challenge. To bypass this check,
simply enter http://localhost:8080/admin//contextAdmin/contextAdmin.html