Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 343277

Summary: Webapp Servlet Context White List
Product: [RT] Jetty Reporter: Jesse McConnell <jesse.mcconnell>
Component: serverAssignee: Greg Wilkins <gregw>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: jetty-inbox
Version: 7.4.1   
Target Milestone: ---   
Hardware: Macintosh   
OS: Mac OS X   
Whiteboard:

Description Jesse McConnell CLA 2011-04-19 11:25:00 EDT 
In certain circumstances you want may want to deny access of one webapp from another when you may not fully trust the webapp.  Setting this white list will enable a check when a servlet called getContext(String), validating that the uriInPath for the given webapp has been declaratively allows access to the context.
Comment 1 Jesse McConnell CLA 2011-04-19 11:28:24 EDT 
commit -m "Bug 343277 add support for an optional context white list" /Users/jesse/src/eclipse/trunks/jetty/VERSION.txt /Users/jesse/src/eclipse/trunks/jetty/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java /Users/jesse/src/eclipse/trunks/jetty/jetty-webapp/src/test/java/org/eclipse/jetty/webapp/WebAppContextTest.java
    Sending        /Users/jesse/src/eclipse/trunks/jetty/VERSION.txt
    Sending        /Users/jesse/src/eclipse/trunks/jetty/jetty-webapp/src/main/java/org/eclipse/jetty/webapp/WebAppContext.java
    Sending        /Users/jesse/src/eclipse/trunks/jetty/jetty-webapp/src/test/java/org/eclipse/jetty/webapp/WebAppContextTest.java
    Transmitting file data ...
    Committed revision 3022.