Wouldn't '/p/*' imply a match for URLs that contain /p/ (e.g. http://server/webapp/p/securelist.do). This would explain why all other URLs fail to get authentication... they are missing the /p/* pattern
Why not try /public/* Michael Petres ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ InnovObjX Corp. Web: www.innovobjx.com Tel: 905-729-2235 x3 Fax: 905-729-2235 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----Original Message----- From: Tim Colson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 10, 2002 5:46 PM To: [EMAIL PROTECTED] Subject: Security match fails url-pattern /p/* on TC 3.2.1 Hey folks - I searched the archives for help but didn't find what I needed. I have a security constraint in my web.xml file like so: <web-resource-collection> <web-resource-name>Protected pages</web-resource-name> <url-pattern>/p/*</url-pattern> </web-resource-collection> Problem arises when I want to get to UNauthenticated pages. http://server/webapp/p/securelist.do -> authenticated http://server/webapp/public/list.do -> authenticated!?!?? If I change the second URL to: http://server/webapp/Public/list.do -> public access, no auth http://server/webapp/ublic/list.do -> public access, no auth If I change the url-pattern to /p/ -> none of the urls force AuthC. I've read and re-read the servlet spec 2.2, and /p/* seems like it's supposed to match the PATH... but TC doesn't appear to be working that way. :-( Am I daft? Is this a known issue? Is it resolved in TC 3.2.x? Thanks, Tim -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
