Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Authorization

 
deepa raj
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


This code means ,
files under /Beer/UpdateRecipes directory is contarined resurce for member role that tooonly for POST method .

but it can be accessible to other roles (not member), other http methods (not POST) and member role with other http methods(other than POST) unconstrained manner.

Note : all roles and http methods will access the resources. But it can be constrained for some roles and methods.We can't say this resource cant be accessed.

whether my above sayings are correct ?
 
Musab Al-Rawi
Ranch Hand
Posts: 231
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The resource can be accessed by members of other roles with constraint through HTTP methods (other than POST). But here is the thing, your servlet won't override doXXX() except for the doPost().
 
Baddy Davay
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No other methods and roles apart from defined are not constrained ,provided you trying to send a GET request and you have defined a doGet method,It would work fine.but if there is not doGet method, you would get the default 405 error code.
 
Consider Paul's rocket mass heater.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic