[ http://issues.apache.org/jira/browse/GERONIMO-603?page=all ]
Matt Hogstrom updated GERONIMO-603: ----------------------------------- Fix Version: 1.1 (was: 1.0) Not sure if this is still an issue. Alan, I'm moving it to 1.x. Feel free to bring it back if you think this needs to be fixed for 1.0 > IllegalArgumentException when deploying WebApp containing a url-pattern of /* > in security-constraint > ---------------------------------------------------------------------------------------------------- > > Key: GERONIMO-603 > URL: http://issues.apache.org/jira/browse/GERONIMO-603 > Project: Geronimo > Type: Bug > Components: web > Reporter: John Sisson > Assignee: Alan Cabrera > Fix For: 1.1 > > For example, > <web-app> > .. > <security-constraint> > <web-resource-collection> > <web-resource-name>Access to all of the APP</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > .. > </security-constraint> > .. > </web-app> > The java.lang.IllegalArgumentException("Qualifier patterns in the > URLPatternSpec cannot match the first URLPattern") exception is thrown from: > javax.security.jacc.URLPatternSpec.<init>(java.lang.String) line: 54 > javax.security.jacc.WebResourcePermission.<init>(java.lang.String, > java.lang.String) line: 54 > org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(..) > line: 1000 > org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(..) line: > 400 > Looking at the last paragraph of page 22 of the JACC spec, it seems this > should be allowed as it paragraph discusses patterns being made irrelevant by > the presence of the path prefix pattern "/*" in a deployment descriptor. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira