File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes problem with security constraints Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "problem with security constraints" Watch "problem with security constraints" New topic

problem with security constraints

Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183

i am trying to block the put and delete method on all incoming requests using a security constraint in the web.xml ..

for some reason however get post is blocked too

here is my tag

hope somebody can help


JDBCSupport - An easy to use, light-weight JDBC framework -
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 33124

There are (at least) two implementations that deal with the security constraints in different ways.
1) If you don't specify a method, everybody can access it.
2) If you don't specify a method, nobody can access it.

While we could debate which is "more correct", you are stuck with the implementation chosen by your application server. In your case, that would be approach #2. Can you edit the web.xml to add an entry for get/post to allow the security you want?

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183

i changed the dd to the following, but still got the same result: access denied

I agree. Here's the link:
subject: problem with security constraints
jQuery in Action, 3rd edition