Reputation: 6689
Tomcat issue with url-pattern
In my web.xml of my simple app i have
<servlet>
<servlet-name>HelloServlet</servlet-name>
<servlet-class>HelloServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>HelloServlet</servlet-name>
<url-pattern>/Hai</url-pattern>
</servlet-mapping>
and now if I have
<url-pattern>/*</url-pattern>
in security constraint it asks for password when I try to get to my deployed app, but when I change it to
<url-pattern>/Projekt/*</url-pattern>
and try to enter Projekt/Hai I am not asked for my password, why?
Upvotes: 1
Views: 3440
Answers (1)
Reputation: 691715
The url-pattern that you specify in web.xml is always a pattern that is relative to the context path of the webapp. So, /Projekt/* means all the URLs under /Projekt, under the context path of the application.
Since your app is deployed un /Projekt, it means that this url-pattern matches the URL http://localhost:8080/Projekt/projekt/Hai. It doesn't match http://localhost:8080/Projekt/Hai, because this URL, when written relatively to the context path, is /Hai, which doesn't matches the pattern /Projekt/*.
Good rule of thumb: nothing in the code or deployment descriptor of a webapp should ever depend on the context path chosen to deploy the application. Everything should always be specified relatively to this context path.
Upvotes: 4
Related Questions
- tomcat and security-constraint: url pattern not working
- Spring Security Not applied with my Urls
- Security-constraint web.xml url-pattern safety
- Spring Security Url Pattern is not working
- url-pattern for security-constraint not working
- Why is this URL returning error 400 from Tomcat?
- j_spring_security_check not invoke when use specific url pattern in http element
- Security constraint <url-pattern> acting weirdly - websphere
- Tomcat Web xml URL-Pattern does not accept urls with parameters?
- web.xml exclusive url-pattern