You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Gary Karasiuk (JIRA)" <de...@geronimo.apache.org> on 2006/02/06 22:01:58 UTC

[jira] Commented: (GERONIMO-603) IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint

    [ http://issues.apache.org/jira/browse/GERONIMO-603?page=comments#action_12365346 ] 

Gary Karasiuk commented on GERONIMO-603:
----------------------------------------

For what it is worth, this bug cost me a large amount of time. I'd like to see it fixed.

The main problem is that the error message is quite useless. I was trying to deploy my ear and all I got back was this message:

    Error: Unable to distribute StudioPerf.ear: Unable to initialize
    webapp GBean

        Qualifier patterns in the URLPatternSpec cannot match the first
    URLPattern

If it told me what file and line it was complaining about, then I wouldn't have spent two days trying to figure this out. 

> IllegalArgumentException when deploying WebApp containing a url-pattern of /* in security-constraint
> ----------------------------------------------------------------------------------------------------
>
>          Key: GERONIMO-603
>          URL: http://issues.apache.org/jira/browse/GERONIMO-603
>      Project: Geronimo
>         Type: Bug
>   Components: web
>     Reporter: John Sisson
>     Assignee: Alan Cabrera
>      Fix For: 1.1

>
> For example,
> <web-app>
>   ..
>   <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>Access to all of the APP</web-resource-name>
>       <url-pattern>/*</url-pattern>
>     </web-resource-collection>
>   ..
>   </security-constraint>
>   ..
> </web-app>
> The java.lang.IllegalArgumentException("Qualifier patterns in the URLPatternSpec cannot match the first URLPattern") exception is thrown from:
> javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54
> javax.security.jacc.WebResourcePermission.<init>(java.lang.String, java.lang.String) line: 54
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..) line: 1000
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line: 400
> Looking at the last paragraph of page 22 of the JACC spec, it seems this should be allowed as it paragraph discusses patterns being made irrelevant by the presence of the path prefix pattern "/*" in a deployment descriptor.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira