Hi All
This question is regarding the last question in Page 660 of HFSJ.
How do you constrain evertyhing with in foo/bar directory so that only ADMIN can invoke ANY http methods on those resources .
The answer given is :
My understanding is that
security-constraint defines the �http-methods� that can be performed on each �resource� given in web-resource-collection by users in each �role� given in auth-constraint . If no methods are mentioned , then everything is blocking .
So above answer should be ALL BLOCKING even for ADMIN . Please provide your thoughts on this
[ March 04, 2008: Message edited by: Akhil Maharaj ]
[ March 04, 2008: Message edited by: Akhil Maharaj ]