Very good eyes Bill, I agree. The correct fix would have to incorporate both the context name and the constraint URI.
Keith | -----Original Message----- | From: Bill Barker [mailto:wbarker@;wilshire.com] | Sent: Friday, November 08, 2002 2:11 AM | To: Tomcat Developers List | Subject: Re: auth bug fix for 4.0.6 | | | I would guess that it would still | have problems with a request to /foo/protected where the security-constraint | is only for /foo/protected/*. | | -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>