FormAuthenticator has copy/paste error -------------------------------------- Key: JBAS-3268 URL: http://jira.jboss.com/jira/browse/JBAS-3268 Project: JBoss Application Server Issue Type: Bug Security Level: Public(Everyone can see) Components: Web (Tomcat) service Affects Versions: JBossAS-4.0.2 Final, JBossAS-4.0.3 SP1, JBossAS-4.0.4.GA Reporter: Anil Saldhana Assigned To: Remy Maucherat Priority: Minor Fix For: JBossAS-4.0.6.CR1 The matchRequest method of the FormAuthenticator is trying to match a URI with itself as indicated at the end of the method: ================================================== // Does the request URI match? String requestURI = request.getRequestURI(); if (requestURI == null) return (false); return (requestURI.equals(request.getRequestURI())); ================================================== It should be: ======================================================== // Does the request URI match? String requestURI = request.getRequestURI(); if (requestURI == null) return (false); return (requestURI.equals(sreq.getRequestURI())); ======================================================= This affects both org.jboss.web.tomcat.security.FormAuthenticator and http://svn.apache.org/repos/asf/tomcat/container/tc5.5.x/catalina/src/sha...