I have a web application that gives the following error when I deploy it to JBOSS
versions 3.2.4, 3.2.5, and 4.0.
09:15:23,613 ERROR [ContextConfig] Parse error in application web.xml
java.lang.IllegalArgumentException: Invalid <url-pattern> /pages/*.jsp in security
constraint
at org.apache.commons.digester.Digester.createSAXException(Digester.java:2540)
at org.apache.commons.digester.Digester.createSAXException(Digester.java:2566)
at org.apache.commons.digester.Digester.endElement(Digester.java:1061)
at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.endNamespaceScope(Unknown Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.handleEndElement(Unknown Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.endElement(Unknown Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source)
at
org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
at org.apache.commons.digester.Digester.parse(Digester.java:1548)
at
org.apache.catalina.startup.ContextConfig.applicationConfig(ContextConfig.java:263)
Here is the <security-constraint> section of the web.xml:
<security-constraint>
<display-name>
Restrict access to JSP pages</display-name>
<web-resource-collection>
<web-resource-name>
Restrict access to JSP pages
</web-resource-name>
This security constraint illustrates how JSP
pages with JavaServer Faces components can be protected from being
accessed without going through the Faces Servlet. The security constraint ensures that
the Faces Servlet will be used or the pages will not be processed.
<url-pattern>/pages/*.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
With no roles defined, no access granted
</auth-constraint>
</security-constraint>
I have deployed the same web application in a a fresh installation of TomCat 4.1.30
and I do not get the error. The JBOSS environments that I have deployed it in are
unmodified as well.
If I change the url-pattern to '/pages/*' I do not get the parsing problem, but I only
want to restrict jsp access.
Any clues?
Thanks.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840475#3840475
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840475
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
JBoss-Development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
