Win a copy of Java Mock Exams (software) this week in the Programmer Certification (OCPJP) forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Web app security, http-method tag

 
Nikunj Kshatriya
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a query regarding the web app security topic.

If you do not specify the <http-method> tag in the <web-resource-collection> then it means that ALL methods are constrained. Would <http-method>*</http-method> mean the same ? The HFSJ does not mention this case.

Nikunj
 
Sunder Ganapathy
Ranch Hand
Posts: 120
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
'*' will not work. Either you specify each HTTP method you want to restrict or restrict all HTTP methods by not specifying any HTTP method.
 
Nikunj Kshatriya
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you tried it out ?
 
Happiness is not a goal ... it's a by-product of a life well lived - Eleanor Roosevelt. Tiny ad:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!