You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/03/10 20:12:23 UTC
DO NOT REPLY [Bug 27581] New: -
Version 2.4 web.xml does not work
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=27581>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=27581
Version 2.4 web.xml <security-constraint> does not work
Summary: Version 2.4 web.xml <security-constraint> does not work
Product: Tomcat 5
Version: 5.0.19
Platform: PC
OS/Version: Windows NT/2K
Status: NEW
Severity: Critical
Priority: Other
Component: Unknown
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: Nils_Kilden-Pedersen@countrywide.com
In my Servlet spec version 2.4 web.xml file, I have added the following section:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restrict direct JSP access</web-resource-name>
<url-pattern>*.jsp</url-pattern>
</web-resource-collection>
</security-constraint>
This does not stop direct access of JSPs.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org