Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-23166

[GSS](7.4.z) UNDERTOW-2211 <deny-uncovered-http-methods /> causes forbidden access for anonymous resources access.

    XMLWordPrintable

Details

    Description

      <deny-uncovered-http-methods /> causes forbidden access for anonymous resources access.

      1) vanilla installation https://download.jboss.org/wildfly/23.0.1.Final/wildfly-23.0.1.Final.zip
      2) deploy the app attached
      3) GET http://localhost:8080/helloworld/HelloWorld

      current outcome (forbidden access)
      we should be able to get the page.

      Attachments

        Issue Links

          incorporates

          Bug - A problem that impairs or prevents the functions of the product. JBMETA-452 deny-uncovered-http-methods truncates parsing of web.xml file

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Bug - A problem that impairs or prevents the functions of the product. JBMETA-442 deny-uncovered-http-methods is a "flag" not a boolean in web.xml

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-2188 Adjust corner case of covered methods if no methods are present

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-24220 [GSS](7.4.z) Upgrade JBoss Metadata from 13.0.0.Final-redhat-00001 to 13.4.0.Final-redhat-00001

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-24339 (7.4.z) Upgrade Undertow from 2.2.22.SP3-redhat-00001 to 2.2.23.SP1

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Bug - A problem that impairs or prevents the functions of the product. RHPAM-3914 Access to swagger /kie-server/docs return Forbidden when integrating with RHSSO

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          links to

          Web Link Jackarta Spec Ticket

          Activity

            People

              rhn-cservice-bbaranow Bartosz Baranowski
              rhn-support-egonzale Enrique Gonzalez Martinez (Inactive)
              Petr Adamec Petr Adamec
              Votes:
              1 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: