Bug 15570 - incorrect role-name mapping for "*" with respect to spec
Summary: incorrect role-name mapping for "*" with respect to spec
Alias: None
Product: Tomcat 4
Classification: Unclassified
Component: Unknown (show other bugs)
Version: 4.1.16
Hardware: PC All
: P3 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL: http://www.mail-archive.com/tomcat-us...
Depends on:
Reported: 2002-12-20 15:07 UTC by Thomas Paradies
Modified: 2006-01-02 07:50 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Paradies 2002-12-20 15:07:08 UTC
According to the servlet spec 2.3 the specially reserved role-name "*" is a 
compact syntax for indicating all roles in the web application. Tomcat 
interprets "*" as meaning "any authenticated user", which is not quite the same 
thing as the spec language either.

For further reading have a look at Graig's reply to my post in tomcat user 
mailing list:
Comment 1 Mark Thomas 2006-01-02 16:50:12 UTC
Thsi has been fixed in SVN for tc4.1.x and tc5.5.x