This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
No rishi and peter, i hv an opposite opinion to that. No user is allowed to access that resource collection if u will not declare auth-conatraint for that security contraint. I m quoting page no - 85 of Servlet Specification:
An authorization constraint is a set of security roles at least one of which users must belong for access to resources described by the web resource collection. If the user is not part of an allowed role, the user must be denied access to the resource requiring it. If the authorization constraint defines no roles, no user is allowed access to the portion of the web application defined by the security constraint.
I m asking some more person to post their Ideas here. Best regards, Dharmin
SCJP2 (93%),SCWCD(88%)<br />-------------------------------<br />Never under estimate yr self, just represent yr profile in proper manner.
Joined: Jan 04, 2001
yes i agree with Dharmin after seeing specs sorry i got wrong Thanks Dharmin Rishi