projects / tomcat7.0 / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c31c689) | patch
CVE-2011-1088
authormarkt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Wed, 9 Mar 2011 11:16:48 +0000 (11:16 +0000)
committermarkt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Wed, 9 Mar 2011 11:16:48 +0000 (11:16 +0000)
commit727f9c5571c6686637c3b663969c085053d5cbc9
tree9e79eb8a5a34b41cfe0c116587bb4a25f341492ctree | snapshot
parentc31c6891b502e1b0d01832862b78d3823dd50173commit | diff
CVE-2011-1088
Complete the fix for this issue. The optimisation not to configure an authenticator of there were no security constraints meant that in that case @ServletSecurity annotations had no effect. The unit tests did not pick this up since they added an authenticator directly.
Add an explicit unit test for this scenario.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1079752 13f79535-47bb-0310-9956-ffa450edef68
java/org/apache/catalina/startup/ContextConfig.java diff | blob | history
test/org/apache/catalina/core/TestStandardWrapper.java diff | blob | history
test/webapp-3.0-servletsecurity/WEB-INF/web.xml [new file with mode: 0644] blob
webapps/docs/changelog.xml diff | blob | history
Unnamed repository; edit this file to name it for gitweb.