You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/05/14 03:03:56 UTC

DO NOT REPLY [Bug 9023] - Servlet Container does not convert the roles, which wherer specified in the Element

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9023>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9023

Servlet Container does not convert the roles, which wherer specified in the Element <security-role-ref>

remm@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From remm@apache.org  2002-05-14 01:03 -------
There is no servlet-mapping in your web.xml for the JSP page, so the request
actually goes to the default Jasper wrapper, which doesn't have the role links
defined.

Bug 9027 likely has the same root cause (web.xml has the same problem).

Using this for the web.xml works:

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>
<servlet>
<servlet-name>RoleReference</servlet-name>
<jsp-file>/test.jsp</jsp-file>
<security-role-ref>
<role-name>roleAlias1</role-name>
<role-link>role1</role-link>
</security-role-ref>
<security-role-ref>
<role-name>roleAlias2</role-name>
<role-link>tomcat</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>
RoleReference
</servlet-name>
<url-pattern>
/test
</url-pattern>
</servlet-mapping>
<security-constraint>
<display-name>test</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/test</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>role1</role-name>
</security-role>
<security-role>
<role-name>tomcat</role-name>
</security-role>
</web-app>

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>