File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Security constraints declaratively in web.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Security constraints declaratively in web.xml" Watch "Security constraints declaratively in web.xml" New topic

Security constraints declaratively in web.xml

Mallika R Kumar
Ranch Hand

Joined: Jan 21, 2004
Posts: 38
I have a web app where I've set up BASIC auth for users. I want to exclude a specific url pattern from this basic authorization. Is there a way to specify an exclusion pattern in web.xml's web-resource-collection for this ? I'm running my web-app in Resin 3.0.
Here is my web.xml:
<!-- web resources that are protected -->
<web-resource-name>A Protected Page</web-resource-name>


<!-- The authenticator tag is Resin-specific -->
<authenticator resin:type="">
<user>protecteduser rotecteduser:user</user>

ahmad basha

Joined: May 25, 2006
Posts: 2
Hi Mallika,

I too need the same i want to exclude some pattern, If you find some solution please post it.

shaik ahmadb basha
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
There is no way to specify which URLs not to protect. You may have to restructure your URL space so that you can specify which URLs to protect.
I agree. Here's the link:
subject: Security constraints declaratively in web.xml
It's not a secret anymore!