Marc Saegesser wrote:
> Damn, I hate the Servlet spec. They bury this detail in a bloody example
> without ever mentioning it explicity! Damn.
>
One additional place to look for authoritative information about the spec is
the published errata. There is a link on the following page:
http://java.sun.com/products/servlet/download.html
which includes a note about this particular issue.
>
> Section 10.2.2, table 4, item 3 is the only place I can find (now that I
> went explicitly looking for it) that describes this functionality.
>
> Section 10.2 bullet one says that
>
> * A string beginning with a ‘/’ character and ending with a ‘/*’ postfix is
> used as a path mapping.
>
> But it doesn't actually define what the hell a 'path mapping' is. What it
> really seems to mean is that it maps to the servlet specified between the
> '/' characters and allows PathInfo to be passed to the servlet.
>
That's correct.
>
> The 3.2 PFD spec is no better.
>
Craig
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Log:
> > According to the spec, a servlet mapped to the url-pattern
> > "/abc/*" should
> > be invoked if the URL "/abc" is used. The prior fix allows
> > "/abc" to fail
> > to match "/abc/*" when used for a security-constraint allowing
> > it to escape
> > authorization.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
