A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
Spring in Action
this week in the
web.xml security-constraint question
Joined: Nov 30, 2007
Nov 30, 2007 00:24:00
I want to make a kind of inverted security constraint. I want to ALLOW access to a specific page over HTTP. All other pages should be HTTPS.
Is that possible???
(Sorry if this is in wrong forum, I'm fairly new to
The kind of code I am talking abuot is like this:
<security-constraint> <web-resource-collection> <web-resource-name>all-except-attachments</web-resource-name> <url-pattern>*.js</url-pattern> <url-pattern>*.jsp</url-pattern> <url-pattern>*.jspa</url-pattern> <url-pattern>*.css</url-pattern> <url-pattern>/browse/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
Joined: Dec 11, 2004
Nov 30, 2007 04:30:00
Originally posted by zac craven:
(Sorry if this is in wrong forum, I'm fairly new to java.)
No need to be sorry.
I'm going to move this to our
forum because security constraints are covered in the
specification. This forum covers the
, and JSTL specs.
How to ask a question...
Simple Servlet Examples
I agree. Here's the link:
subject: web.xml security-constraint question
request. get User Principal(). getName() do not retreive user name
http https switch
How to remove the port number in https adress?
Redirecting to HTTPS
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014