subject:"Re\: struts\-site git commit\: update security page"

Re: struts-site git commit: update security page

2017-06-20 Thread Greg Huber

My main site is not a struts app, so mixing defaults may be best here.

Also, the security constraints apply to the welcome files so some sort of
servlet redirect is required to make it work (via tomcat user list).

Cheers Greg

On 19 June 2017 at 11:20, Lukasz Lenart  wrote:

> 2017-06-19 9:17 GMT+02:00 Greg Huber :
> > Tested it again tomcat (8.5.15), definitely a 403.  Will see if I can
> find
> > some more info.
>
> Hmm...but you do not need the , I am using
>  which does exactly the same thing.
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> For additional commands, e-mail: dev-h...@struts.apache.org
>
>

Re: struts-site git commit: update security page

2017-06-19 Thread Lukasz Lenart

2017-06-19 9:17 GMT+02:00 Greg Huber :
> Tested it again tomcat (8.5.15), definitely a 403.  Will see if I can find
> some more info.

Hmm...but you do not need the , I am using
 which does exactly the same thing.


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/

-
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org

Re: struts-site git commit: update security page

2017-06-19 Thread Greg Huber

Tested it again tomcat (8.5.15), definitely a 403.  Will see if I can find
some more info.

On 19 June 2017 at 08:04, Lukasz Lenart  wrote:

> Did you test that? I think  ignore security constraints
> ... or maybe it was just Jetty ;)
>
> 2017-06-16 10:50 GMT+02:00 Greg Huber :
> > ...Although it blocks the  file.
> >
> > 
> > 
> > No direct JSP access
> > 
> > No-JSP
> > *.jsp
> > 
> > 
> > no-users
> > 
> > 
> >
> > 
> > Don't assign users to this role
> > no-users
> > 
> >
> > 
> > WEB-INF/jsps/index.jsp
> > 
> >
> > On 16 June 2017 at 08:54, Lukasz Lenart  wrote:
> >
> >> Great! I have added a ToC and pushed to the top :)
> >>
> >> http://struts.apache.org/security/
> >>
> >>
> >> Regards
> >> --
> >> Łukasz
> >> + 48 606 323 122 http://www.lenart.org.pl/
> >>
> >> -
> >> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> >> For additional commands, e-mail: dev-h...@struts.apache.org
> >>
> >>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> For additional commands, e-mail: dev-h...@struts.apache.org
>
>

Re: struts-site git commit: update security page

2017-06-19 Thread Lukasz Lenart

Did you test that? I think  ignore security constraints
... or maybe it was just Jetty ;)

2017-06-16 10:50 GMT+02:00 Greg Huber :
> ...Although it blocks the  file.
>
> 
> 
> No direct JSP access
> 
> No-JSP
> *.jsp
> 
> 
> no-users
> 
> 
>
> 
> Don't assign users to this role
> no-users
> 
>
> 
> WEB-INF/jsps/index.jsp
> 
>
> On 16 June 2017 at 08:54, Lukasz Lenart  wrote:
>
>> Great! I have added a ToC and pushed to the top :)
>>
>> http://struts.apache.org/security/
>>
>>
>> Regards
>> --
>> Łukasz
>> + 48 606 323 122 http://www.lenart.org.pl/
>>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
>> For additional commands, e-mail: dev-h...@struts.apache.org
>>
>>

-
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org

Re: struts-site git commit: update security page

2017-06-16 Thread Greg Huber

...Although it blocks the  file.



No direct JSP access

No-JSP
*.jsp


no-users




Don't assign users to this role
no-users



WEB-INF/jsps/index.jsp


On 16 June 2017 at 08:54, Lukasz Lenart  wrote:

> Great! I have added a ToC and pushed to the top :)
>
> http://struts.apache.org/security/
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> For additional commands, e-mail: dev-h...@struts.apache.org
>
>

Re: struts-site git commit: update security page

2017-06-16 Thread Greg Huber

Thanks, good to know.

On 16 June 2017 at 08:54, Lukasz Lenart  wrote:

> Great! I have added a ToC and pushed to the top :)
>
> http://struts.apache.org/security/
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> For additional commands, e-mail: dev-h...@struts.apache.org
>
>

Re: struts-site git commit: update security page

2017-06-16 Thread Lukasz Lenart

Great! I have added a ToC and pushed to the top :)

http://struts.apache.org/security/


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/

-
To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
For additional commands, e-mail: dev-h...@struts.apache.org

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

Re: struts-site git commit: update security page

7 matches

Site Navigation

Mail list logo

Footer information