I've been prepping for CX-310-085, after having gone through the HF book, Murach Servlets and JSP book, and various specs. I was looking at the security section of JSR 315 (JavaServlet Specification). In section 13.8 Specifying Security Constraints, p. 135, it list an element of the deployment descriptor as http-method-omission as well as in section 13.8.1, p. 136. But in the subsequent example 13.8.2, p. 137, it uses http-method-exception and never seems to again use ...-omission. Is this the same thing? or a typo in the spec.? or an older version of the same idea? What would you use/recommend?
OCP Java SE 6 Programmer,
OCM Java SE 6 Developer
OCE Web Components (OCEWD)
OCE JPA 6 (OCEJPAD)
OCE EJB 6 (OCEBCD)
OCE Web Services (OCEWSD)
MySQL Certified Administrator & Developer,
OMG Certified UML Prof. Fund., Int., Adv.
The right element is http-method-omission. You can find it in the FIGURE 14-12 security-constraint Element Structure in the spec. I think this newblog(Dec 24, 2009) might help you.
I think that they initially wanted to name this element as http-method-exception, but they finally setteled with the name http-method-omission. A relativiley oldblog(Dec 16, 2008) defines this element by the name http-method-exception.
OCPJP 6, OCE Java EE 6 JSP and Servlets Developer, OCE Java EE 6 EJB Developer...