aspose file tools*
The moose likes Servlets and the fly likes problem with security constraints Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "problem with security constraints" Watch "problem with security constraints" New topic
Author

problem with security constraints

Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183
hey,

i am trying to block the put and delete method on all incoming requests using a security constraint in the web.xml ..

for some reason however get post is blocked too

here is my tag



hope somebody can help

thanks


JDBCSupport - An easy to use, light-weight JDBC framework -
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30537
    
150

Sebastian,
There are (at least) two implementations that deal with the security constraints in different ways.
1) If you don't specify a method, everybody can access it.
2) If you don't specify a method, nobody can access it.

While we could debate which is "more correct", you are stuck with the implementation chosen by your application server. In your case, that would be approach #2. Can you edit the web.xml to add an entry for get/post to allow the security you want?


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183
hey,

i changed the dd to the following, but still got the same result: access denied

 
Don't get me started about those stupid light bulbs.
 
subject: problem with security constraints