Don't know probably it's bug of 4.0.2 it's a very old release... I've 4.0.4, I tried bypassing the security to test if I'm affected too but it always ask me authentication
I suggest that u upgrade to a newer release of the server Simone > -----Messaggio originale----- > Da: Paul Downs [mailto:[EMAIL PROTECTED] > Inviato: martedi 4 marzo 2003 12.03 > A: Tomcat Users List > Oggetto: Bypassing security-constraint in 4.0.2 > > > > Hi, > If I have the following configuration: > > <security-constraint> > <web-resource-collection> > <web-resource-name>site</web-resource-name> > <url-pattern>/secret/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>administrator</role-name> > </auth-constraint> > </security-constraint> > > I get prompted for a username and password for this url: > > www.testing.com/secret/ > > but not for this: > > www.testing.com//secret > > was this a known bug, I couldn't find much about it and thought > it may be > quicker to ask you guys? > > Paul > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
