This week's book giveaway is in the Features new in Java 9 forum.
We're giving away four copies of Java 9 Revealed and have Kishori Sharan on-line!
See this thread for details.
Win a copy of Java 9 Revealed this week in the Features new in Java 9 forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

web security : doubt  RSS feed

 
Sreeraj G Harilal
Ranch Hand
Posts: 310
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can we specify <security-constraint> to a particular folder?

HFSJ says yes.
But its not working to me.
I have a class SelectBeer under WEB-INF/classes/com/example/web.

here is my security constraint part of web.xml


but its not working.
i tried this also
<url-pattern>/classes/com/example/web/*</url-pattern>

but still its not working.

Please tell me how i make security constraint to all the files in that folder WEB-INF/classes/com/example/web.
 
Sreeraj G Harilal
Ranch Hand
Posts: 310
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is my full web.xml file



browser request
http://localhost:8080/HFSJ/SelectBeer.do
 
Celinio Fernandes
Ranch Hand
Posts: 549
Eclipse IDE Google Web Toolkit Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
duh !
the path you specified in the <url-pattern> element is wrong.
What is the fully-qualified class name doing here ?
I suggest that you check the rules regarding URL mapping.
 
Gowher Naik
Ranch Hand
Posts: 643
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
First of all
<security-role>
<role-name>admin</role-name>
</security-role>

is missing

Try
<url-pattern>/SelectBeer.do</url-pattern> inside <security-constraint>
 
Sreeraj G Harilal
Ranch Hand
Posts: 310
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

First of all
<security-role>
<role-name>admin</role-name>
</security-role>

is missing

Try
<url-pattern>/SelectBeer.do</url-pattern> inside <security-constraint>


There is no need to specify <security-role> here(DD).
I know this url pattern(<url-pattern>/SelectBeer.do</url-pattern>) will work.

But my doubt is HFSJ says (Page number 634) we can specify directories with constraints.

Please try to clear my doubt.
 
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!