Uploaded image for project: 'JSPWiki'
  1. JSPWiki
  2. JSPWIKI-212

transport-guarantee CONFIDENTIAL should be removed from web.xml

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Won't Fix
    • 2.6.2
    • None
    • Authentication & Authorization
    • None

    • apache-tomcat-6.0.16

    Description

      The default web.xml of JSPWiki contains two times

      <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>

      for container managed authorization.

      But by default Tomcat has not switched on SSL, and trying to log in to JSPWiki you get

      Firefox can't establish a connection to the server at localhost:8443.

      By default the user-data-constraint element should be removed as it makes activating container managed authorization unnecessarily difficult.

      Especially as it is not easy or obvious to notice the connection between the cited error message and the user-data-constraint element.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JSPWIKI-389 Container managed login fails with Geronimo

          • Major - Major loss of function.
          • Closed

          Activity

            People

              ajaquith Andrew R. Jaquith
              weberjn Jürgen Weber
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: