------- Additional Comments From [hidden email] 2005-05-09 01:46 -------
I'm -1 to the patch, as is. A <url-pattern>/login*</url-pattern> is a
perfectly valid (if somewhat strange :) exact-match pattern, so Tomcat can't
I'm +1 to adding a log.warn to SecurityCollection.addPattern for questionable
patterns like this, since it could only reduce the questions on tomcat-user.