Hello,
I have a web app where I've set up BASIC auth for users. I want to exclude a specific url
pattern from this basic authorization. Is there a way to specify an exclusion pattern in web.xml's web-resource-collection for this ? I'm running my web-app in Resin 3.0.
Here is my web.xml:
--------------------------------------------------
<security-constraint>
<!-- web resources that are protected -->
<web-resource-collection>
<web-resource-name>A Protected Page</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>*</realm-name>
<!-- The authenticator tag is Resin-specific -->
<authenticator resin:type="com.caucho.server.security.XmlAuthenticator">
<password-digest>none</password-digest>
<user>protecteduser
rotecteduser:user</user>
</authenticator>
</login-config>
--------------------------------------------------
Thanks,
Mallika.