You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2002/05/14 03:03:56 UTC
DO NOT REPLY [Bug 9023] -
Servlet Container does not convert the roles, which wherer specified in the Element
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9023>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9023
Servlet Container does not convert the roles, which wherer specified in the Element <security-role-ref>
remm@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From remm@apache.org 2002-05-14 01:03 -------
There is no servlet-mapping in your web.xml for the JSP page, so the request
actually goes to the default Jasper wrapper, which doesn't have the role links
defined.
Bug 9027 likely has the same root cause (web.xml has the same problem).
Using this for the web.xml works:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<servlet>
<servlet-name>RoleReference</servlet-name>
<jsp-file>/test.jsp</jsp-file>
<security-role-ref>
<role-name>roleAlias1</role-name>
<role-link>role1</role-link>
</security-role-ref>
<security-role-ref>
<role-name>roleAlias2</role-name>
<role-link>tomcat</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>
RoleReference
</servlet-name>
<url-pattern>
/test
</url-pattern>
</servlet-mapping>
<security-constraint>
<display-name>test</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/test</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>role1</role-name>
</security-role>
<security-role>
<role-name>tomcat</role-name>
</security-role>
</web-app>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>