Re: [jira] Created: (GERONIMO-1585) Web app security on /* causes deployment exception

Sun, 05 Feb 2006 09:07:37 -0800 

Hmmm... , debug tool (G-1448) required a similar
modification. Is it time to recite the specs...?

Thanks
Anita

--- "Aaron Mulder (JIRA)" <[email protected]>
wrote:

> Web app security on /* causes deployment exception
> --------------------------------------------------
> 
>          Key: GERONIMO-1585
>          URL:
> http://issues.apache.org/jira/browse/GERONIMO-1585
>      Project: Geronimo
>         Type: Bug
>   Components: web  
>     Versions: 1.0    
>  Environment: Geronimo 1.0 with Jetty
>     Reporter: Aaron Mulder
>     Priority: Critical
>      Fix For: 1.0.1, 1.1
> 
> 
> Deploying a web app with the following security
> block causes a deployment error:
> 
>     <security-constraint>
>         <web-resource-collection>
>             <web-resource-name>All
> Pages</web-resource-name>
>             <url-pattern>/*</url-pattern>
>             <http-method>GET</http-method>
>             <http-method>POST</http-method>
>             <http-method>PUT</http-method>
>         </web-resource-collection>
>         <auth-constraint>
>             <role-name>User</role-name>
>         </auth-constraint>
>     </security-constraint>
> 
> Note this is essentially right out of the spec (see
> SRV.12.8.2 in the Servlet 2.4 spec).
> 
> The error is:
> 
>     org.apache.geronimo.common.DeploymentException:
> Unable to initialize webapp GBean
>         at
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:842)
>         ...
>     Caused by: java.lang.IllegalArgumentException:
> Qualifier patterns in the URLPatternSpec cannot
> match the first URLPattern
>         at
>
javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:54)
>         at
>
javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:54)
>         at
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(JettyModuleBuilder.java:1215)
>         at
>
org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:821)
>         ... 70 more
> 
> Changing the url-pattern to / fixes the problem, but
> it seems to me that /* ought to work too.
> 
> -- 
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of
> the administrators:
>   
>
http://issues.apache.org/jira/secure/Administrators.jspa
> -
> For more information on JIRA, see:
>    http://www.atlassian.com/software/jira
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Reply via email to