You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Yann Cebron <ya...@yahoo.de> on 2004/02/06 20:31:05 UTC
[Repost] TC 5.0.18: behaviour of changed??
Hi,
I have a strange problem with my Struts-Webapp (nightly build) on 5.0.18 -
every TC version before worked like expected (4.1.x as well as 5.1.x. but
maybe I'm getting the SERVLET2.4 spec wrong, and some changes have been made
to 5.0.18 regarding this aspect).
I have declared a <security-constraint> with no (empty element) assigned
roles for a whole subdirectory containing my JSP pages and other stuff:
<url-pattern>/s/*</url-pattern>. Now direct access to this directory and the
pages is not possible anymore, everything has to be accessed with the
corresponding Struts-Actions.
Now comes my problem: *every* Struts-Action whose path starts with the
character 's' (just like my protected subdir is named) does not work
anymore - TC pops in and wants me to authenticate. Apparently TC is trying
to access "/context/s/" instead of executing "/context/someaction.do" which
would call the ActionForward "/s/mypage.jsp".
I know I can put the stuff as well under /WEB-INF/ to protect the pages, but
I'm just curious why it does not behave like it did before.
Thanks in advance,
Yann
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: [Repost] TC 5.0.18: behaviour of changed??
Posted by Yann Cebron <ya...@yahoo.de>.
Bill,
thanks for confirming this.. I really wonder why nobody else noticed this
before - I'm probably the only one using protected dirs with one character
:-)
Yann
> Yup, that's a bug. It's fixed now in the CVS, and will appear in 5.0.19
> (due out in a week or so).
>
> "Yann Cebron" <ya...@yahoo.de> wrote in message
> news:c00q15$i9r$1@sea.gmane.org...
> > Hi,
> >
> > I have a strange problem with my Struts-Webapp (nightly build) on
5.0.18 -
> > every TC version before worked like expected (4.1.x as well as 5.1.x.
but
> > maybe I'm getting the SERVLET2.4 spec wrong, and some changes have been
> made
> > to 5.0.18 regarding this aspect).
> >
> > I have declared a <security-constraint> with no (empty element) assigned
> > roles for a whole subdirectory containing my JSP pages and other stuff:
> > <url-pattern>/s/*</url-pattern>. Now direct access to this directory and
> the
> > pages is not possible anymore, everything has to be accessed with the
> > corresponding Struts-Actions.
> >
> > Now comes my problem: *every* Struts-Action whose path starts with the
> > character 's' (just like my protected subdir is named) does not work
> > anymore - TC pops in and wants me to authenticate. Apparently TC is
trying
> > to access "/context/s/" instead of executing "/context/someaction.do"
> which
> > would call the ActionForward "/s/mypage.jsp".
> >
> > I know I can put the stuff as well under /WEB-INF/ to protect the pages,
> but
> > I'm just curious why it does not behave like it did before.
> >
> > Thanks in advance,
> >
> > Yann
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: [Repost] TC 5.0.18: behaviour of changed??
Posted by Bill Barker <wb...@wilshire.com>.
Yup, that's a bug. It's fixed now in the CVS, and will appear in 5.0.19
(due out in a week or so).
"Yann Cebron" <ya...@yahoo.de> wrote in message
news:c00q15$i9r$1@sea.gmane.org...
> Hi,
>
> I have a strange problem with my Struts-Webapp (nightly build) on 5.0.18 -
> every TC version before worked like expected (4.1.x as well as 5.1.x. but
> maybe I'm getting the SERVLET2.4 spec wrong, and some changes have been
made
> to 5.0.18 regarding this aspect).
>
> I have declared a <security-constraint> with no (empty element) assigned
> roles for a whole subdirectory containing my JSP pages and other stuff:
> <url-pattern>/s/*</url-pattern>. Now direct access to this directory and
the
> pages is not possible anymore, everything has to be accessed with the
> corresponding Struts-Actions.
>
> Now comes my problem: *every* Struts-Action whose path starts with the
> character 's' (just like my protected subdir is named) does not work
> anymore - TC pops in and wants me to authenticate. Apparently TC is trying
> to access "/context/s/" instead of executing "/context/someaction.do"
which
> would call the ActionForward "/s/mypage.jsp".
>
> I know I can put the stuff as well under /WEB-INF/ to protect the pages,
but
> I'm just curious why it does not behave like it did before.
>
> Thanks in advance,
>
> Yann
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org