http-method tag in security constraint
posted 11 years ago
Page 660 of HFSJ says that : we left off <http-method> so that no HTTP methods are accessible to anyone except Admin. According to my understanding if we leave the <http-method> tag, in that case all the users are allowed to access all the http methods. pls correct me if i am wrong.