Description
Pronab Saha (Migrated from SEC-1633) said:
I wanted to upgrade to Spring Security 2.0.6 from Spring Security 2.0.5. That is upgrade one minor version up. I use struts 1.3.10. When I replaced the 4 jar files with the ones from 2.0.6, I started getting strange error messages from Struts saying that no action path could be found.
The following are the 4 jars that I replace with the 2.0.6 versions.
spring-security-acl-2.0.5.RELEASE.jar
spring-security-core-2.0.5.RELEASE.jar
spring-security-core-tiger-2.0.5.RELEASE.jar
spring-security-taglibs-2.0.5.RELEASE.jar
After trying various things unsuccessfully, I decided to create a bare bones functional project and try my upgrade there.
What I discovered is that 2.0.6 appears to have problems dealing with jsp forward. In 2.0.5 things work fine but 2.0.6 things go into a loop while running inside of Eclipse/Tomcat 5.5.
I create a fresh Eclipse Dynamic Web project. I add an index.jsp which has one line to perform a jsp:forward to another .jsp page. I tested with no Spring and it works as expected. I then introduce Spring Security 2.0.5 and Spring 2.5.5 into the mix and things still work as expected. (Index.jsp has intercept-url has filters=none).
I then replace the above mentioned 4 files with the 2.0.6 versions. Then when I try to navigate to the index.jsp via browser (Fire Fox 3.6.12), the tomcat server goes into a loop spewing out a very large stack trace.
I'm attaching the eclipse project as well as the tomcat log file.
The main reason I wanted to upgrade to 2.0.6 is because for some reason, I am not able to get "access-denied-page" attribute to work on the http element.