使用Liferay进行Tomcat 8启动时存在严重的安全约束 [英] Severe security constraints while tomcat 8 startup with liferay
问题描述
tomcat 8带有liferay时,我收到以下严重消息.
I am getting the below severe message while the tomcat 8 comes up with liferay.
SEVERE [localhost-startStop-1] org.apache.tomcat.util.descriptor.web.SecurityConstraint.findUncoveredHttpMethods For security constraints with URL pattern [/bg/c/portal/protected] only the HTTP methods [POST GET] are covered. All other methods are uncovered.
03-Sep-2015 07:06:00.733 SEVERE [localhost-startStop-1] org.apache.tomcat.util.descriptor.web.SecurityConstraint.findUncoveredHttpMethods For security constraints with URL pattern [/sv/c/portal/protected] only the HTTP methods [POST GET] are covered. All other methods are uncovered.
03-Sep-2015 07:06:00.733 SEVERE [localhost-startStop-1] org.apache.tomcat.util.descriptor.web.SecurityConstraint.findUncoveredHttpMethods For security constraints with URL pattern [/zh/c/portal/protected] only the HTTP methods [POST GET] are covered. All other methods are uncovered.
这对服务器启动没有任何影响,但不确定是什么原因导致的?任何帮助将不胜感激.
推荐答案
这意味着在web.xml
中,有人仅针对模式/bg/c/portal/protected
上的POST和GET方法指定了安全约束,可能与此类似:
It means that in web.xml
someone has specified a security constraint just for methods POST and GET on pattern /bg/c/portal/protected
, possibly in a similar way to this:
<security-constraint>
<web-resource-collection>
<url-pattern>/bg/c/portal/protected</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>...</transport-guarantee>
</user-data-constraint>
</security-constraint>
您应该删除http-method
括号以使其与该url-pattern
的所有方法匹配,或者如果您想为其设置不同的安全性约束而没有任何http-method
括号,则创建第二个方法.
You should either remove http-method
brackets so it will match all methods for this url-pattern
or create second one if you would like to set different security constraints on it without any http-method
brackets.
例如,如果您想使用SSL /bg/c/portal/protected
端点保护POST
和GET
方法的安全,但是对于其他不需要的端点,则应创建如下配置:
For instance if you would like to secure with SSL /bg/c/portal/protected
endpoint for the POST
and GET
methods, but for others you do not need that then you should create a config like this:
<security-constraint>
<web-resource-collection>
<url-pattern>/bg/c/portal/protected</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<url-pattern>/bg/c/portal/protected</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
如您所见,此模式的所有方法均已涵盖,因此不会引发任何错误.
As you see now all methods for this pattern are covered, hence no error will be thrown.
这篇关于使用Liferay进行Tomcat 8启动时存在严重的安全约束的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!