My bad - I was quoting the servlet 3.0 spec (usually the headings align)
I need to reread but it might be a bug. (I dont have the spec in front
of me) but IIRC it said something to the effect of using the url + the
HTTP method to get all applicable constraints. And then unioning them
together. Since the /* doesn't apply to GET - it shouldn't count as part
of the UNION (but I'd have to create a test case and trace it to see
whats happening in reality in the code)
It sounds like the case described just takes into account URL for the
unioning of contraints.
-Tim
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Peter,
On 9/18/2009 4:34 PM, Peter Holcomb wrote:
Thanks for your response. I've read through the example in 13.7.2 of
the spec
Which version of the spec? I don't see a section 13.8 at all in either
2.4 or 2.5 of the spec. I see the heading "Combining Constraints" listed
under 12.7.1.
but I don't think I'm understanding how the union works.
I think Tim is incorrect, here. Neither the url-pattern nor the
http-methods overlap, therefore no combining should occur.
According to my thought process, the url patterns are:
*.xhtml - access precluded
/* PUT,DELETE,TRACE,OPTIONS - access precluded
The example I see in 12.7.2 seems to support your expectations.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
