File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes Security constraints declaratively in web.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Security constraints declaratively in web.xml" Watch "Security constraints declaratively in web.xml" New topic
Author

Security constraints declaratively in web.xml

Mallika R Kumar
Ranch Hand

Joined: Jan 21, 2004
Posts: 38
Hello,
I have a web app where I've set up BASIC auth for users. I want to exclude a specific url pattern from this basic authorization. Is there a way to specify an exclusion pattern in web.xml's web-resource-collection for this ? I'm running my web-app in Resin 3.0.
Here is my web.xml:
--------------------------------------------------
<security-constraint>
<!-- web resources that are protected -->
<web-resource-collection>
<web-resource-name>A Protected Page</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>

<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>*</realm-name>
<!-- The authenticator tag is Resin-specific -->
<authenticator resin:type="com.caucho.server.security.XmlAuthenticator">
<password-digest>none</password-digest>
<user>protecteduser rotecteduser:user</user>
</authenticator>
</login-config>
--------------------------------------------------

Thanks,
Mallika.
ahmad basha
Greenhorn

Joined: May 25, 2006
Posts: 2
Hi Mallika,

I too need the same i want to exclude some pattern, If you find some solution please post it.


shaik ahmadb basha
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41867
    
  63
There is no way to specify which URLs not to protect. You may have to restructure your URL space so that you can specify which URLs to protect.


Ping & DNS - my free Android networking tools app
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security constraints declaratively in web.xml