RE: url-pattern and realms security

2003-08-15 Thread Madere, Colin
, August 14, 2003 11:08 PM To: Tomcat Users List Subject: Re[2]: url-pattern and realms security Hello Colin, Of course, your /* directive will overwrite all. You should use more concrete names and paths. -- Best regards, Alexander mailto:[EMAIL PROTECTED] Friday, August 15, 2003, 4

Re: url-pattern and realms security

2003-08-15 Thread Bill Barker
are in complete control and have script parameters of content, it's not an option. -Original Message- From: Alexander Vavilin [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2003 11:08 PM To: Tomcat Users List Subject: Re[2]: url-pattern and realms security Hello Colin

url-pattern and realms security

2003-08-14 Thread Madere, Colin
So I looked at the servlet spec, but it doesn't specify (as far as I read) how hierarchical security constraints should work and Tomcat 4.1.27 seems to not do hiarachical constraints :) Also searching the list I didn't turn up results of this type, although I swear I've seen this issue before...

Re: url-pattern and realms security

2003-08-14 Thread Alexander Vavilin
Hello Colin, I am not sure, but I think you cannot do this, first an web-resource-name element means an UNIQUE name. Can you understand ? You must give it different names. Second thing, I never heard about http-method element. Hope it will help. -- Best regards, Alexander

RE: url-pattern and realms security

2003-08-14 Thread Madere, Colin
Sorry sorry, web-resource-name elements are unique, just a copying error. -Original Message- From: Alexander Vavilin [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2003 10:33 PM To: Tomcat Users List Subject: Re: url-pattern and realms security Hello Colin, I am not sure, but I

Re[2]: url-pattern and realms security

2003-08-14 Thread Alexander Vavilin
error. MC -Original Message- MC From: Alexander Vavilin [mailto:[EMAIL PROTECTED] MC Sent: Thursday, August 14, 2003 10:33 PM MC To: Tomcat Users List MC Subject: Re: url-pattern and realms security MC Hello Colin, MC I am not sure, but I think you cannot do this, first an web-resource

Re: url-pattern and realms security

2003-08-14 Thread Bill Barker
It's a Tomcat implementation detail, but I believe that 4.1.x does a first-match (so moving /* to the end of the list should work). The Servlet 2.4 spec is much more specific about what to do in your case, so Tomcat 5 and WebLogic should do the same thing when they come out. Madere, Colin [EMAIL

RE: url-pattern and realms security

2003-08-14 Thread Madere, Colin
So simple, gotta love those. All is working as desired. Thanks Bill! -Original Message- From: Bill Barker [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2003 11:27 PM To: [EMAIL PROTECTED] Subject: Re: url-pattern and realms security It's a Tomcat implementation detail, but I