This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Servlets and the fly likes problem with security constraints Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "problem with security constraints" Watch "problem with security constraints" New topic

problem with security constraints

Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183

i am trying to block the put and delete method on all incoming requests using a security constraint in the web.xml ..

for some reason however get post is blocked too

here is my tag

hope somebody can help


JDBCSupport - An easy to use, light-weight JDBC framework -
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 32819

There are (at least) two implementations that deal with the security constraints in different ways.
1) If you don't specify a method, everybody can access it.
2) If you don't specify a method, nobody can access it.

While we could debate which is "more correct", you are stuck with the implementation chosen by your application server. In your case, that would be approach #2. Can you edit the web.xml to add an entry for get/post to allow the security you want?

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
Sebastian Janisch
Ranch Hand

Joined: Feb 23, 2009
Posts: 1183

i changed the dd to the following, but still got the same result: access denied

I agree. Here's the link:
subject: problem with security constraints
It's not a secret anymore!