Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-3650

JPA removes a trailing '?' from a resource URL being evaluated

    XMLWordPrintable

    Details

    • Rank:
      1|hzoa7r:

      Description

      The J2EE policy agent removes a trailing '?' from a resource URL being evaluated. For example a user trying to access http://www.example.com/hello? where the policy rule http://www.example.com/hello*?* exists, this will result in a deny, because the agent normalises the resource URL to look like http://www.example.com/hello which doesn't match the valid rule.

      This issue causes issues in both self and subtree modes.

        Attachments

          Activity

            People

            apforrest Andrew Forrest
            apforrest Andrew Forrest
            Alex Walker [X] Alex Walker [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: