Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Security Doubt

 
Srividhya Kiran
Ranch Hand
Posts: 166
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

consider the code below



who can access /UpdateRecipes? In 1) nobody cant access it whereas in 2) everyone can access it.

Thanks
Srividhya
[ July 30, 2008: Message edited by: Srividhya Kiran ]
 
Antonio Tercero
Ranch Hand
Posts: 110
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The answer is: Nobody
 
Srividhya Kiran
Ranch Hand
Posts: 166
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Antonio

Thanks for your reply. Can you explain me how?

Thanks
Srividhya
 
Antonio Tercero
Ranch Hand
Posts: 110
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
which means no role can access the resource specified, takes precedence over
 
Srividhya Kiran
Ranch Hand
Posts: 166
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks
 
Ravi Singh
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just to add to the answer all users in any role will still be able to access Update resource in any Http method except GET
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic