This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes http-method element Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "http-method element" Watch "http-method element" New topic
Author

http-method element

janne s
Ranch Hand

Joined: Sep 21, 2004
Posts: 81
Hi!

In chpater 12 've doubt reg <http-method> element.

in pg 634 its given that:

if a <web-resouce-collection> element contains no <http-method> elements then the collection includes the use of all Http methods on all of the URl patterns. i.e they r not constrained.


in pg 635 2nd box last para points

1) DOn't specify any <http-method> elements in the <security-constraint>, which means that all methods are constrained.

which one is ocrrect?
It would be helpful if someone cousl explain this.

Thank you
srinath anand
Ranch Hand

Joined: Nov 20, 2001
Posts: 30
Hi,

Yes I understand it is conflicting. Here are the rules:

- if there is no <http-method> element then ALL methods are constrained.
- if there is a <http-method> element say GET then ALL methods except GET are NOT constrained i.e only GET is constrained while all others are OPEN.

Hope this clarifies it.


SCJP2,SCWCD 1.4
Deepa Korecherla
Ranch Hand

Joined: Jul 14, 2004
Posts: 197
Originally posted by jaya merugu:
[QB]Hi!

In chpater 12 've doubt reg <http-method> element.

in pg 634 its given that:

if a <web-resouce-collection> element contains no <http-method> elements then the collection includes the use of all Http methods on all of the URl patterns. i.e they r not constrained.

-------------------------
I understand..
if u don't give any <http-method> element ...then all methods r constrained.

What if we don't specify any http-method in the <http-method> element??
Also, I have the same douBt as Jaya......
Can anyone clarify...??


DKR<br />SCJP1.2,SCWCD1.4,SCBCD1.3,SCJA
Ranjit Jana
Ranch Hand

Joined: Feb 17, 2005
Posts: 30
One more doubt here . The http methods are constrained only for the role specified. for all other role these resources specified in url pattern is not constrained. Comment ??
janne s
Ranch Hand

Joined: Sep 21, 2004
Posts: 81
Thanks for your reply...

This what i understood

1. No <http-method> element All the methods to particular <url-pattern> are constrained.

2. <http-method> * </http-method> All the methods are constrained.

3. </http-method> All the methods are are constrained.

4. <http-method> </http-method> All the methods are are constrained.

5.<http-method> POST </http-method> only POST is constrained.

If wrong do correct.

Thank you
janne s
Ranch Hand

Joined: Sep 21, 2004
Posts: 81
hi

pls some one reply...
check it out and correct

thanks
jaya
Colin Fletcher
Ranch Hand

Joined: Sep 10, 2004
Posts: 200
jaya, what does the spec say?


SCJP 1.4 SCWCD 1.4
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: http-method element
 
Similar Threads
security constraint : http-method
What happen when http-method is not defined in the security constraint?
no http-method
HF errata
http-method element in web-resource-collection