File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
OCM Java EE 6 Enterprise Architect Exam Guide
this week in the
web.xml security-constraint question
Joined: Nov 30, 2007
Nov 30, 2007 00:24:00
I want to make a kind of inverted security constraint. I want to ALLOW access to a specific page over HTTP. All other pages should be HTTPS.
Is that possible???
(Sorry if this is in wrong forum, I'm fairly new to
The kind of code I am talking abuot is like this:
<security-constraint> <web-resource-collection> <web-resource-name>all-except-attachments</web-resource-name> <url-pattern>*.js</url-pattern> <url-pattern>*.jsp</url-pattern> <url-pattern>*.jspa</url-pattern> <url-pattern>*.css</url-pattern> <url-pattern>/browse/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
Joined: Dec 11, 2004
Nov 30, 2007 04:30:00
Originally posted by zac craven:
(Sorry if this is in wrong forum, I'm fairly new to java.)
No need to be sorry.
I'm going to move this to our
forum because security constraints are covered in the
specification. This forum covers the
, and JSTL specs.
How to ask a question...
Simple Servlet Examples
I agree. Here's the link:
subject: web.xml security-constraint question
How to remove the port number in https adress?
http https switch
Redirecting to HTTPS
request. get User Principal(). getName() do not retreive user name
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014