Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

What happen when http-method is not defined in the security constraint?

 
alzamabar
Ranch Hand
Posts: 379
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I didn't quite understood what would happen if a <http-method> method is not defined in a <web-resource-collection> element. Does this mean that ALL methods will be constrained? And if so, does this mean that an authorized user (let's say someone defined in the <auth-constraint> element) can access ALL methods or that even an authorized user CANNOT access any method for the constrained resource?
 
Deb Sadhukhan
Ranch Hand
Posts: 67
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Check this thread. Still this is not very clear to me.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic