Hi All,
I am going through Mikalai Zaikin's notes. In the section rlated to Web Applicattion Security. I did not understand the below statement.
A security constraint that does not contain an authorization constraint shall combine with authorization constraints that name or imply roles to allow unauthenticated access. The special case of an authorization constraint that names NO roles shall combine with any other constraints to OVERRIDE their affects and cause access to be PRECLUDED. The example related to the above statement is below.
[B]
'/*' DELETE access precluded
'/*' PUT access precluded
'/acme/wholesale/*' DELETE access precluded
[/B]
Can anyone explain what the
word "PRECLUDED" means in the above context.
In the above , does it mean there is no access for DELETE method to '/*' URL
pattern.
Thanks
Shyam Ramineni