subject:"DO NOT REPLY \[Bug 34805\] \- warn about invalid security contraint url patterns"

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

2005-07-21 Thread bugzilla

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34805


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2005-07-21 22:15 ---
Warning added to SecurityCollection.  Thanks for this useful suggestion.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

2005-05-08 Thread bugzilla

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34805





--- Additional Comments From [EMAIL PROTECTED]  2005-05-09 01:46 ---
I'm -1 to the patch, as is.  A /login* is a 
perfectly valid (if somewhat strange :) exact-match pattern, so Tomcat can't 
fault it.

I'm +1 to adding a log.warn to SecurityCollection.addPattern for questionable 
patterns like this, since it could only reduce the questions on tomcat-user.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

2005-05-08 Thread bugzilla

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=34805





--- Additional Comments From [EMAIL PROTECTED]  2005-05-08 20:30 ---
Created an attachment (id=14967)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=14967&action=view)
RealmBase.java.patch

for example /login.do will not be matched by 
  /login*
as per section 11.2 of the Servlet API
Specification
(http://java.sun.com/aboutJava/communityprocess/first/jsr053/servlet23_PFD.pdf)
see also http://java.sun.com/dtd/web-app_2_3.dtd

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

DO NOT REPLY [Bug 34805] - warn about invalid security contraint url patterns

3 matches

Site Navigation

Mail list logo

Footer information