url-pattern in web-resource-collection

Apr 29, 2008 06:47:00

Hi all,

in the Specs of Servlets: <url-pattern>*, which means that it is optional (0 to many).
what happens if you omit the <url-pattern> inside <web-resource-collection>?
[ April 29, 2008: Message edited by: Musab Al-Rawi ]

Apr 29, 2008 07:15:00

url-pattern for web-resource-collection is required. See page 133 of the Servlet 1.4 spec. If it were optional it would specify minOccurs="0" for the url-pattern element.

Apr 29, 2008 07:20:00

if <url-pattern> is missed in <web-resource-collection> then the server ignores <web-resource-collection> element, because there is no meaning to <web-resource-collection> element if we dont use <url-pattern> in it.

Generally it will be <url-pattern>*</url-pattern>, so that anyone can access any URL, that means all users can access the all parts of the application.

in the blow case:
<url-pattern>/security/xyz.jsp</url-pattern>, if you specify perticular user, then he alone can access this url.
[ April 29, 2008: Message edited by: Kumar Garlapati ]

Apr 29, 2008 23:33:00

Thanks.

Kumar:

Generally it will be <url-pattern>*</url-pattern>, so that anyone can access any URL, that means all users can access the all parts of the application.

I think you meant to say that all resources are restricted (for the specified methods and roles) unless a user (that belongs to the specified role(s)) is loggedin. Am I correct?

Apr 21, 2011 00:49:36

Yeah I think you are right...All the resources get restricted.....And if you want specific resources to be restricted and rest everything to be accessed then you should be writing /jsp/* ..just an example...which will restrict all the jsp pages..but the images, css and all such other resources will still be accessible....

You will always be treated with dignity. Now, strip naked, get on the probulator and hold this tiny ad:

a bit of art, as a gift, that will fit in a stocking

https://gardener-gift.com