-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chuck,
On 2/26/2009 5:39 PM, Caldarale, Charles R wrote: >> From: Mark Thomas [mailto:ma...@apache.org] Subject: Re: Request >> not forwarded to login page with security-constraint after session >> time-out >> >> The spec is clearer than that. The "*" role == all roles defined in >> web.xml. > > Yes, but what it's not clear about is what happens when there are > *no* roles defined in web.xml, which is the situation the OP has. It's worse than that: he has no roles table defined, so he gets SQLExceptions during authorization. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmoFw4ACgkQ9CaO5/Lv0PBD+wCfSVVvZBRbJ85MtrcIPM8FA/VR kJcAn1DH5tT9Zs4V/XbBPI7pqRfrvpDk =vOo5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org