On Thu, Feb 7, 2019 at 3:05 PM Mark Thomas <ma...@apache.org> wrote: > On 07/02/2019 13:50, Remy Maucherat (Confluence) wrote: > > There's *1 new edit* on your page > > <snip/> > > > Here's what changed: > > > > ... > > > > <user username="CN=CTS, OU=Java Software, O=Sun Microsystems Inc., > L=Burlington, ST=MA, C=US" roles="Administrator"/> > > <user username="j2ee" password="j2ee" roles="Administrator,Employee" /> > > <user username="javajoe" password="javajoe" roles="VP,Manager" /> > > Thanks. Just found that myself. > > > Enable h2c on port 8080, and add some trailer headers > > > > ... > > > > * 1 x TCK bug - missing endorsedLib configuration > > o https://github.com/eclipse-ee4j/jakartaee-tck/issues/39 > > * com/sun/ts/tests/servlet/spec/serverpush/serverPushInitTest does a > > check on a case sensitive "Authorization" header (a "authorization" > > header is present), among other wrong case sensitive checks. > > And that. I've hacked my around those case sensitivity issues and I've > found what looks to be a Tomcat bug related to not setting the server > port correctly. I'm just starting to debug my way through that code. >
Ok, the referer URI check could probably use the port. The test code should still be refactored with a response.toLowerCase somewhere though. I don't understand com/sun/ts/tests/servlet/spec/security/secbasic/test7(_anno) at all, why would j_security_check do anything since BASIC is used (and not FORM) ? The assertion implies the test thinks it should somehow match a constraint. Rémy > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >
