Hi guys,
i was reading through HFS
then i confused about http-method element in web-resource collection
the book says on pg 634
if there were No <http-method> elements in the <web-resource-collection>,it would mean that NO HTTP Methods are allowed,
but errata
web page says
"If there were NO <http-method> elements in the <web-resource-collection>, it would mean that NO HTTP Methods are allowed, by ANYONE in any role."
should be:
"If there are NO <http-method> elements, in the <web-resource-collection>, it would mean that ALL HTTP Methods are allowed."
I trust errata rather than printed book because its being regulary updated
but on pg 635 again Lower box, 1) point(after 4 th paragraph)
"Do not specify ANY <http-method> elements in the <security-constraint>
which means that ALL methods are constrained"
i am totally confused .. is it allowed or constraint??
can any body help me out of this?
I would like know 2 conditions
when
1. no <http-method> specified
2. <http-method /> is empty
what will happen in both cases ,
It would be great for me if you answer those questions
thanks
sundar