Craig,
Can you send me a piece of example of the configuration ? I can't see what
I'm doing wrong. I've already tested both suggestions and I didn't get that
message back in any case.
Thanks,
Wellington
-----Original Message-----
From: Craig R. McClanahan
[mailto:[EMAIL PROTECTED]]
Sent: 16 November 2000 19:06
To: [EMAIL PROTECTED]
Subject: Re: using SSL on standalone Tomcat - Urgent
!
Kurt Bernhard Pruenner wrote:
> "Lacerda, Wellington (AFIS)" wrote:
> > > <web-app>
> > > <security-constraint>
> > > <web-resource-collection>
> > > <web-resource-name>a</web-resource-name>
> > > <url-pattern>/wlss1/*</url-pattern>
> >
> > Change this to "/*". The <url-pattern> setting is
relative
> > to your context, not to the server root.
>
> AFAIK, the spec says to use "/" instead of "/*" - give
that a try, I'd say.
>
In a security constraint, a "/" pattern would only match the
"welcome" page for an
application, not any of its contents. If you want to
protect the entire
application, you need to use "/*".
If configured properly, I know this works because I've
tested it (3.2b7) -- you
get an error message back that says "SSL is required for
this context".
>
> --
> Kurt Pruenner - Haendelstrasse 17, 4020 Linz, Austria |
Briareos at Olymp BBS:
> http://www.mp3.com/Leak http://www.ssw.uni-linz.ac.at |
ssh [EMAIL PROTECTED]
> ...........It might be written "Mindfuck", but it's spelt
"L-A-I-N"...........
> np: Kendall Jackman - Weightless (ambient.01@hyperreal
comp.)
Craig McClanahan
