[ http://issues.apache.org/jira/browse/GERONIMO-603?page=all ]
Matt Hogstrom updated GERONIMO-603:
-----------------------------------
Fix Version/s: 2.0
(was: 1.2)
Per Gary's comments we'll address this in 2.0
> IllegalArgumentException when deploying WebApp containing a url-pattern of /*
> in security-constraint
> ----------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-603
> URL: http://issues.apache.org/jira/browse/GERONIMO-603
> Project: Geronimo
> Issue Type: Bug
> Components: web
> Reporter: John Sisson
> Assigned To: Alan Cabrera
> Fix For: 2.0
>
>
> For example,
> <web-app>
> ..
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Access to all of the APP</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> ..
> </security-constraint>
> ..
> </web-app>
> The java.lang.IllegalArgumentException("Qualifier patterns in the
> URLPatternSpec cannot match the first URLPattern") exception is thrown from:
> javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54
> javax.security.jacc.WebResourcePermission.<init>(java.lang.String,
> java.lang.String) line: 54
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..)
> line: 1000
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line:
> 400
> Looking at the last paragraph of page 22 of the JACC spec, it seems this
> should be allowed as it paragraph discusses patterns being made irrelevant by
> the presence of the path prefix pattern "/*" in a deployment descriptor.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
