[
https://issues.apache.org/jira/browse/GERONIMO-603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Prasad Kashyap updated GERONIMO-603:
------------------------------------
Fix Version/s: (was: 2.0-M5)
2.0
> IllegalArgumentException when deploying WebApp containing a url-pattern of /*
> in security-constraint
> ----------------------------------------------------------------------------------------------------
>
> Key: GERONIMO-603
> URL: https://issues.apache.org/jira/browse/GERONIMO-603
> Project: Geronimo
> Issue Type: Bug
> Components: web
> Reporter: John Sisson
> Assignee: Alan Cabrera
> Fix For: 2.0
>
>
> For example,
> <web-app>
> ..
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Access to all of the APP</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> ..
> </security-constraint>
> ..
> </web-app>
> The java.lang.IllegalArgumentException("Qualifier patterns in the
> URLPatternSpec cannot match the first URLPattern") exception is thrown from:
> javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54
> javax.security.jacc.WebResourcePermission.<init>(java.lang.String,
> java.lang.String) line: 54
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..)
> line: 1000
> org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line:
> 400
> Looking at the last paragraph of page 22 of the JACC spec, it seems this
> should be allowed as it paragraph discusses patterns being made irrelevant by
> the presence of the path prefix pattern "/*" in a deployment descriptor.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
