Bug report #306 has just been filed. You can view the report at the following URL: <http://znutar.cortexity.com:8888/BugRatViewer/ShowReport/306> REPORT #306 Details. Project: Tomcat Category: Bug Report SubCategory: New Bug Report Class: swbug State: received Priority: high Severity: critical Confidence: public Environment: Release: Tomcat 3.2 beta 6 JVM Release: 1.3 Operating System: NT OS Release: 2000 Platform: Intel Synopsis: HTTP continues to work (it should not) if using a <transport-guarantee> of CONFIDENTIAL in the web.xml file. Description: When a web.xml file reads as follows: <web-app> <security-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> </web-app> HTTP should no longer work. Only HTTPS should work when accessing HTML pages or Servlets in that particular WebApp. This is not the case: HTTP continues to work. -Alan Bron PROS Revenue Management [EMAIL PROTECTED]Title: BugRat Report # 306
BugRat Report # 306
| Project: Tomcat | Release: Tomcat 3.2 beta 6 |
| Category: Bug Report | SubCategory: New Bug Report |
| Class: swbug | State: received |
| Priority: high | Severity: critical |
|
Confidence:
public
|
Submitter:
_Anonymous ( [EMAIL PROTECTED] )
Date Submitted:
Oct 25 2000, 12:15:25 CDT
Responsible:
Z_Tomcat Alias ( [EMAIL PROTECTED] )
- Synopsis:
-
HTTP continues to work (it should not) if using a
of CONFIDENTIAL in the web.xml file.
- Environment: (jvm, os, osrel, platform)
- 1.3, NT, 2000, Intel
- Additional Environment Description:
- Report Description:
-
When a web.xml file reads as follows:
CONFIDENTIAL
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
