This week's book giveaway is in the OCAJP 8 forum.
We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line!
See this thread for details.
The moose likes Servlets and the fly likes Security constraints declaratively in web.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Security constraints declaratively in web.xml" Watch "Security constraints declaratively in web.xml" New topic

Security constraints declaratively in web.xml

Mallika R Kumar
Ranch Hand

Joined: Jan 21, 2004
Posts: 38
I have a web app where I've set up BASIC auth for users. I want to exclude a specific url pattern from this basic authorization. Is there a way to specify an exclusion pattern in web.xml's web-resource-collection for this ? I'm running my web-app in Resin 3.0.
Here is my web.xml:
<!-- web resources that are protected -->
<web-resource-name>A Protected Page</web-resource-name>


<!-- The authenticator tag is Resin-specific -->
<authenticator resin:type="">
<user>protecteduser rotecteduser:user</user>

ahmad basha

Joined: May 25, 2006
Posts: 2
Hi Mallika,

I too need the same i want to exclude some pattern, If you find some solution please post it.

shaik ahmadb basha
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42958
There is no way to specify which URLs not to protect. You may have to restructure your URL space so that you can specify which URLs to protect.
I agree. Here's the link:
subject: Security constraints declaratively in web.xml
It's not a secret anymore!