[
http://jira.jboss.com/jira/browse/JBAS-3268?page=comments#action_12339967 ]
Dimitris Andreadis commented on JBAS-3268:
------------------------------------------
Anil, can you please fix this in the jboss codebase and close it? If there is something to
be fixed in the tomcat codebase, that should be openned in their bug tracking system, and
linked from here instead (I guess).
FormAuthenticator has copy/paste error
--------------------------------------
Key: JBAS-3268
URL:
http://jira.jboss.com/jira/browse/JBAS-3268
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Web (Tomcat) service
Affects Versions: JBossAS-4.0.2 Final, JBossAS-4.0.3 SP1, JBossAS-4.0.4.GA
Reporter: Anil Saldhana
Assigned To: Remy Maucherat
Priority: Minor
Fix For: JBossAS-4.0.5.CR1
The matchRequest method of the FormAuthenticator is trying to match a URI with itself as
indicated at the end of the method:
==================================================
// Does the request URI match?
String requestURI = request.getRequestURI();
if (requestURI == null)
return (false);
return (requestURI.equals(request.getRequestURI()));
==================================================
It should be:
========================================================
// Does the request URI match?
String requestURI = request.getRequestURI();
if (requestURI == null)
return (false);
return (requestURI.equals(sreq.getRequestURI()));
=======================================================
This affects both org.jboss.web.tomcat.security.FormAuthenticator and
http://svn.apache.org/repos/asf/tomcat/container/tc5.5.x/catalina/src/sha...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira