Bill Barker wrote:
Tomcat doesn't adhere to the (new) requirements in the 2.4 Servlet-Spec for
handling the case of Overlapping Constraints:
spec-quote version=2.4 pfd3 section=12.8.1
When a url-pattern and http-method pair occurs in multiple security
constraints, the
applicable constraints (on
Bill Barker wrote:
Tomcat doesn't adhere to the (new) requirements in the 2.4 Servlet-Spec for
handling the case of Overlapping Constraints:
spec-quote version=2.4 pfd3 section=12.8.1
When a url-pattern and http-method pair occurs in multiple security
constraints, the
applicable constraints (on
- Original Message -
From: Jean-Francois Arcand [EMAIL PROTECTED]
To: Tomcat Developers List [EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 6:20 AM
Subject: Re: [5] Authentication for Overlapping Constraints
Bill Barker wrote:
Tomcat doesn't adhere to the (new) requirements
Howdy,
1) Add a method 'List getSecurityConstraints(HttpRequest req,
Context
ctx)'
to Realm, and have AuthenticatorBase loop through them.
2) Have RealmBase create it's own special SecurityConstraint that is
the
intersection of all of the overlapping constraints, and leave
Tomcat doesn't adhere to the (new) requirements in the 2.4 Servlet-Spec for
handling the case of Overlapping Constraints:
spec-quote version=2.4 pfd3 section=12.8.1
When a url-pattern and http-method pair occurs in multiple security
constraints, the
applicable constraints (on the pattern and