[ https://issues.apache.org/jira/browse/GERONIMO-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12466269 ]
David Jencks commented on GERONIMO-1585: ---------------------------------------- I've moved Dmitry's issue to GERONIMO-2763, it is a separate problem. > Web app security on /* causes deployment exception > -------------------------------------------------- > > Key: GERONIMO-1585 > URL: https://issues.apache.org/jira/browse/GERONIMO-1585 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: security, web > Affects Versions: 1.1, 1.1.2, 1.2, 2.0 > Environment: Geronimo 1.0 with Jetty and tomcat > Reporter: Aaron Mulder > Assigned To: David Jencks > Priority: Critical > Fix For: 1.1.x, 1.2, 2.0-M2 > > Attachments: G1585-Geronimo2.0.patch, g1585-nologin.war, g1585.war, > security.patch > > > Deploying a web app with the following security block causes a deployment > error: > <security-constraint> > <web-resource-collection> > <web-resource-name>All Pages</web-resource-name> > <url-pattern>/*</url-pattern> > <http-method>GET</http-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>User</role-name> > </auth-constraint> > </security-constraint> > Note this is essentially right out of the spec (see SRV.12.8.2 in the Servlet > 2.4 spec). > The error is: > org.apache.geronimo.common.DeploymentException: Unable to initialize > webapp GBean > at > org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:842) > ... > Caused by: java.lang.IllegalArgumentException: Qualifier patterns in the > URLPatternSpec cannot match the first URLPattern > at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:54) > at > javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:54) > at > org.apache.geronimo.jetty.deployment.JettyModuleBuilder.buildSpecSecurityConfig(JettyModuleBuilder.java:1215) > at > org.apache.geronimo.jetty.deployment.JettyModuleBuilder.addGBeans(JettyModuleBuilder.java:821) > ... 70 more > Changing the url-pattern to / fixes the problem, but it seems to me that /* > ought to work too. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira