What if I don't have any http-method tag under my security-constraint? This would mean that I cannot do any HTTP method against the resource that I'm protecting? Would this be done in any real time scenario?
SCJP 1.4, SCWCD 1.4 - Hints for you, Certified Scrum Master
Did a rm -R / to find out that I lost my entire Linux installation!
This would mean that I cannot do any HTTP method against the resource that I'm protecting ?
No, that would mean that you put some constraints on all HTTP methods, and that only an authorized user could access it. It is meant to be used in conjunction with auth-constraint.