Bug in Combining Authorization Constraints

Hi I have two security-constraint elements in my deployment descriptor. One has auth-constraint role-name*/role-name, and the other does not have any auth-constraint. They both have a same url-pattern. By SRV.12.8.1 Combining Constraints: quote A security constraints that does not contain an

RE: Bug in Combining Authorization Constraints

Replying to my own post. Sorry, the attachment mysteriously disappeared. Anyway, the important part is here security-constraint web-resource-collection web-resource-nameIndex 1/web-resource-name url-pattern/index.jsp/url-pattern

Re: [VOTE] APR or NIO ?

On Mon, Nov 21, 2005 at 11:55:08AM +0100, Remy Maucherat wrote: Henri Gomez wrote: Well why so much noise about NIO/APR ? Because I don't want to have to support 20 different connector technologies (you can call it a business requirement). So one has to be labelled as experimental or

svn commit: r345898 - /tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java

Author: remm Date: Mon Nov 21 04:46:09 2005 New Revision: 345898 URL: http://svn.apache.org/viewcvs?rev=345898view=rev Log: - Either I am completely mistaken, or the type used was wrong. Modified: tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java

Re: How to turn the Digester off?

Since there was no reply, I am assuming that turning off the digester is not straightforward. Could someone please point me to the relevant code? Thanks Anita --- anita kulshreshtha [EMAIL PROTECTED] wrote: I am using tomcat as an embedded engine and the web.xml is parsed once by

svn commit: r348087 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java

Author: billbarker Date: Mon Nov 21 21:06:40 2005 New Revision: 348087 URL: http://svn.apache.org/viewcvs?rev=348087view=rev Log: The rule is that you authenticate if *all* security-constraints include an auth-constraint. If you have a problem with this, take it up with the Servlet

RE: svn commit: r348087 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java

This is in accordance with both Servlet and JACC specs. JACC spec gives higher precedence to unchecked permissions than checked permissions. Complaints should go to both groups :D Cheers Nam -- Random humorous quote: Usually I try to take it one day at a time, but lately several have

RE: svn commit: r348087 - /tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java

Sorry, I'm just being dump here. My comment should be for r348091 instead of this r348087. Shamefully yours Nam -- Random humorous quote: Monday is an awful way to spend 1/7th of your life. -Original Message- From: Nam T. Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 22,

Create JNDIRealm in admin webapp is not correct.

Hi, gents, Regarding this mail, http://marc.theaimsgroup.com/?l=tomcat-userm=113035775420898w=2 I have tested both tomcat admin app and MBean createJNDIRealm can't create a realm successfully with Tomcat5.5.12. I have checked some code and found a bug in creating an JNDIRealm. The signature of

DO NOT REPLY [Bug 37588] - Creating JNDIRealm through JMX is not correct.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=37588. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.