Author: theute Date: 2011-11-12 12:58:35 -0500 (Sat, 12 Nov 2011) New Revision: 8050 Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml Log: JBEPP-1336 Potential authentication bypass issue in gatein.ear Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml =================================================================== --- epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml 2011-11-12 15:50:20 UTC (rev 8049) +++ epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml 2011-11-12 17:58:35 UTC (rev 8050) @@ -304,8 +304,6 @@ <url-pattern>/private/*</url-pattern> <url-pattern>/g/*</url-pattern> <url-pattern>/u/*</url-pattern> - <http-method>POST</http-method> - <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>users</role-name> @@ -318,8 +316,6 @@ <web-resource-collection> <web-resource-name>admin authentication</web-resource-name> <url-pattern>/admin/*</url-pattern> - <http-method>POST</http-method> - <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name>