Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-525

Web resource collection extension mappings are applied before prefix matches

    XMLWordPrintable

Details

    • Hide

      define a non-authorized security constraint like below
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Public</web-resource-name>
      <url-pattern>/javax.faces.resource/*</url-pattern>
      <url-pattern>/index.xhtml</url-pattern>
      </web-resource-collection>
      </security-constraint>
      You can not reach any of the resource under the "javax.faces.resource" path.
      Then define resource path without "*" form with full path, you will get the resource.

      Show
      define a non-authorized security constraint like below <security-constraint> <web-resource-collection> <web-resource-name>Public</web-resource-name> <url-pattern>/javax.faces.resource/*</url-pattern> <url-pattern>/index.xhtml</url-pattern> </web-resource-collection> </security-constraint> You can not reach any of the resource under the "javax.faces.resource" path. Then define resource path without "*" form with full path, you will get the resource.

    Description

      We are migrating our Web Application from JBoss 7.1.1 to Wildfly 9.0.0 .In our web.xml we have security constraints like
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Public</web-resource-name>
      <url-pattern>/javax.faces.resource/*</url-pattern>
      <url-pattern>/index.xhtml</url-pattern>
      </web-resource-collection>
      </security-constraint>
      these were working without problem with Jboss 7.1.1.
      After migrating to WildFly we realized that "/javax.faces.resource/*" url pattern was not working.
      When we changed url-patten from "/javax.faces.resource/*" to "javax.faces.resource/theme.css.xhtml" it works again. I don't know If I am missing something but it seems like a bug.

      Attachments

        Activity

          People

            sdouglas1@redhat.com Stuart Douglas
            ertugrultas Ertuğrul TAŞ (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: