From: Christopher Schultz
Sent: Thursday, April 10, 2025 2:22
To: users@tomcat.apache.org
Subject: Re: HOWTO: the right way to configure security constraints to protect
CGI scripts in web.xml
Mark,
On 4/8/25 5:40 PM, Mark Thomas wrote:
> 8 Apr 2025 21:45:50 Ch
Mark,
On 4/8/25 5:40 PM, Mark Thomas wrote:
8 Apr 2025 21:45:50 Christopher Schultz :
Justin,
On 4/8/25 3:16 AM, Justin Chen wrote:
Dear users and supporters,
Currently I have two CGI scripts:
1. "/cgi-bin/update" //an administrative command, required role="admin"
2. "/cgi-bin/updateOrder" /
r security mapping would be open to second guesses. It is the same
with any servlet that is using its path info liberally.
Rémy
> Chenjp
> ____________
> From: Mark Thomas
> Sent: Wednesday, April 9, 2025 5:40
> To: Tomcat Users List
> Subject: Re: HOWTO: the right way to configure
Sent: Wednesday, April 9, 2025 5:40
To: Tomcat Users List
Subject: Re: HOWTO: the right way to configure security constraints to protect
CGI scripts in web.xml
8 Apr 2025 21:45:50 Christopher Schultz :
> Justin,
>
> On 4/8/25 3:16 AM, Justin Chen wrote:
>> Dear users and supporters,
8 Apr 2025 21:45:50 Christopher Schultz :
Justin,
On 4/8/25 3:16 AM, Justin Chen wrote:
Dear users and supporters,
Currently I have two CGI scripts:
1. "/cgi-bin/update" //an administrative command, required
role="admin"
2. "/cgi-bin/updateOrder" //update order, required role="biz"
In order
Justin,
On 4/8/25 3:16 AM, Justin Chen wrote:
Dear users and supporters,
Currently I have two CGI scripts:
1. "/cgi-bin/update" //an administrative command, required role="admin"
2. "/cgi-bin/updateOrder" //update order, required role="biz"
In order to protect above endpoints via web.xml secur
Dear users and supporters,
Currently I have two CGI scripts:
1. "/cgi-bin/update" //an administrative command, required role="admin"
2. "/cgi-bin/updateOrder" //update order, required role="biz"
In order to protect above endpoints via web.xml security-constraints mechanism,
how shall I do?
Rega
