aspose file tools*
The moose likes Servlets and the fly likes Security constraints declaratively in web.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Security constraints declaratively in web.xml" Watch "Security constraints declaratively in web.xml" New topic
Author

Security constraints declaratively in web.xml

Mallika R Kumar
Ranch Hand

Joined: Jan 21, 2004
Posts: 38
Hello,
I have a web app where I've set up BASIC auth for users. I want to exclude a specific url pattern from this basic authorization. Is there a way to specify an exclusion pattern in web.xml's web-resource-collection for this ? I'm running my web-app in Resin 3.0.
Here is my web.xml:
--------------------------------------------------
<security-constraint>
<!-- web resources that are protected -->
<web-resource-collection>
<web-resource-name>A Protected Page</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>

<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>*</realm-name>
<!-- The authenticator tag is Resin-specific -->
<authenticator resin:type="com.caucho.server.security.XmlAuthenticator">
<password-digest>none</password-digest>
<user>protecteduser rotecteduser:user</user>
</authenticator>
</login-config>
--------------------------------------------------

Thanks,
Mallika.
ahmad basha
Greenhorn

Joined: May 25, 2006
Posts: 2
Hi Mallika,

I too need the same i want to exclude some pattern, If you find some solution please post it.


shaik ahmadb basha
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42929
    
  68
There is no way to specify which URLs not to protect. You may have to restructure your URL space so that you can specify which URLs to protect.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security constraints declaratively in web.xml