Bug 15570 - incorrect role-name mapping for "*" with respect to spec
incorrect role-name mapping for "*" with respect to spec
Status: RESOLVED FIXED
Product: Tomcat 4
Classification: Unclassified
Component: Unknown
4.1.16
PC All
: P3 normal (vote)
: ---
Assigned To: Tomcat Developers Mailing List
http://www.mail-archive.com/tomcat-us...
:
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2002-12-20 15:07 UTC by Thomas Paradies
Modified: 2006-01-02 07:50 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Paradies 2002-12-20 15:07:08 UTC
According to the servlet spec 2.3 the specially reserved role-name "*" is a 
compact syntax for indicating all roles in the web application. Tomcat 
interprets "*" as meaning "any authenticated user", which is not quite the same 
thing as the spec language either.

For further reading have a look at Graig's reply to my post in tomcat user 
mailing list:
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg78364.html
Comment 1 Mark Thomas 2006-01-02 16:50:12 UTC
Thsi has been fixed in SVN for tc4.1.x and tc5.5.x