You didn't look hard enough :) <spec-quote version="2.4" section="11.1"> An extension is defined as the part of the last segment after the last '.' character. </spec-quote>
----- Original Message ----- From: "Mercado . Maria" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Monday, October 18, 2004 7:45 AM Subject: RE: problem with security-constraint with Tomcat 5 Thanks for the suggestion, Yoav. I looked but I didn't see anything that stated that a url pattern with 2 dots is illegal. - Cecile Mercado -----Original Message----- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Monday, October 18, 2004 9:12 AM To: Tomcat Users List Subject: RE: problem with security-constraint with Tomcat 5 Hi, Could this be something that changed (or rather, was clarified) in the Servlet Spec between version 2.3 (which Tomcat 4.x implements) and 2.4 (which Tomcat 5.x implements)? ;) Yoav Shapira http://www.yoavshapira.com >-----Original Message----- >From: Mercado . Maria [mailto:[EMAIL PROTECTED] >Sent: Monday, October 18, 2004 10:08 AM >To: [EMAIL PROTECTED] >Subject: problem with security-constraint with Tomcat 5 > >I'm looking into migrating our project from Tomcat 4.1.30 to Tomcat 5.0.28. >We're also using Tiles and Struts 1.1. The problem is that Tomcat 5 seems >to be confused with a url pattern that works with Tomcat 4. Here's the >pertinent parts of web.xml (I get the same results with 2.3 or 2.4 version >of web.xml): > >"... > ><!-- Struts action servlet --> > <servlet> > <servlet-name>strutsnav</servlet-name> > <servlet-class>org.apache.struts.action.ActionServlet</servlet- >class> > <init-param> > <param-name>config</param-name> > <param-value>/WEB-INF/conf/struts-config.xml</param-value> > </init-param> > <init-param> > <param-name>validate</param-name> > <param-value>true</param-value> > </init-param> > <load-on-startup>1</load-on-startup> > </servlet> > >... > > <servlet-mapping> > <servlet-name>strutsnav</servlet-name> > <url-pattern>*.do</url-pattern> > </servlet-mapping> > >... > > <!-- JAAS Security Realm config --> > <security-constraint> > <web-resource-collection> > <web-resource-name>Secure Struts Actions</web-resource-name> > <url-pattern>*.sec.do</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>General User</role-name> > </auth-constraint> > </security-constraint> > > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/login.do</form-login-page> > <form-error-page>/logininvalid.do</form-error-page> > </form-login-config> > </login-config> > > <security-role> > <role-name>General User</role-name> > </security-role> > >..." > >If I try to access a sec.do Struts action, I just get a blank space in the >body of the Tiles layout - I don't get the login form. If I change the >url-pattern in web-resource-collection to "*.do", then I get the login >page. It seems that Tomcat 5 doesn't like two dots in the url pattern. Is >this a bug? > >I also tried to add the following, but it didn't help: > <servlet-mapping> > <servlet-name>strutsnav</servlet-name> > <url-pattern>*.sec.do</url-pattern> > </servlet-mapping> > > >Thanks, >Cecile Mercado > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
