"Suspicious url pattern" warnings are logged to the wrong webapp, not the one actually using them. These log events are coming from SecurityCollection.java.
This class is using a static logger, and has no efficient way to access the webapp logger.
If it cannot get the logger for the proper webapp then why does it log into some other webapp? At least it should log into catalina.out. This is a serious issue. If proper logging is impossible then the whole verification should be removed, it is useless like this IMHO. (Not to mention that it is broken -- that's a different bug report. But that shows that no one really used this information ever.)
Marius, do you have a test case that easily generates these log messages?
AFAIK you only need: - URL patterns like "/foo/*" in you web.xml - debug level logging If you have several web apps the log events may show up in the wrong web app log file, don't know how to trigger that. See also bug 43079
This has been fixed in trunk and proposed for 6.0.x and 5.5.x
This has been fixed in 6.0.x and will be included in 6.0.17 onwards.
This has been fixed in 5.5.x and will be included in 5.5.27 onwards.