This week's book giveaway is in the Other Open Source APIs forum. We're giving away four copies of Storm Applied and have Sean Allen, Peter Pathirana & Matthew Jankowski on-line! See this thread for details.
I am trying to config my tomcat to restrict the usage of POST method to any of my pages. I configure as the following in the web.xml <security-constraint> <display-name> Privileged user only </display-name> <web-resource-collection> <web-resource-name></web-resource-name> <url-pattern>/*</url-pattern> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <security-role> <description> Defines privileged user for this tomcat installation </description> <role-name>amdin</role-name> </security-role> It seems working but I got 'error' is a 500 and I am expecting a 404. There is the error massage HTTP Status 500 - Configuration error: Cannot perform access control without an authenticated principal Is there anything I did wrong? Thanks Elinor
The more I learn, the less I know....<br /> <br />SCJP2 <br />SCWCD