Kurt Bernhard Pruenner wrote:
> "Lacerda, Wellington (AFIS)" wrote:
> > > <web-app>
> > > <security-constraint>
> > > <web-resource-collection>
> > > <web-resource-name>a</web-resource-name>
> > > <url-pattern>/wlss1/*</url-pattern>
> >
> > Change this to "/*". The <url-pattern> setting is relative
> > to your context, not to the server root.
>
> AFAIK, the spec says to use "/" instead of "/*" - give that a try, I'd say.
>
In a security constraint, a "/" pattern would only match the "welcome" page for an
application, not any of its contents. If you want to protect the entire
application, you need to use "/*".
If configured properly, I know this works because I've tested it (3.2b7) -- you
get an error message back that says "SSL is required for this context".
>
> --
> Kurt Pruenner - Haendelstrasse 17, 4020 Linz, Austria | Briareos at Olymp BBS:
> http://www.mp3.com/Leak http://www.ssw.uni-linz.ac.at | ssh [EMAIL PROTECTED]
> ...........It might be written "Mindfuck", but it's spelt "L-A-I-N"...........
> np: Kendall Jackman - Weightless (ambient.01@hyperreal comp.)
Craig McClanahan
