Win a copy of Java 9 Modularity: Patterns and Practices for Developing Maintainable Applications this week in the Java 9 forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

http-method  RSS feed

 
Justin Rundle
Ranch Hand
Posts: 123
Hibernate Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In the deployment descriptor a deployer can define resource/method constraints, more so if no <http-method> tag is specified, does that mean; 1) all methods WILL have access or 2) all methods WILL NOT have access to the defined resource?
 
Vishal Chugh
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

1)If no <http-method> is specified means all are contrained i.e no HTTP method allowed by any user .

2) If <http-method> is specified then only those which are specified are contrained others which are not specified they are not constrained.

3)If there is no <auth-contstraint> that means all are allowed , its equal to <auth-contstraint>*</auth-contstraint>

4)If there is empty <auth-contstraint> then no1 is allowed .

5)If some role is specified in <auth-constraint> then that role is only allowed to make constarined request on constarined resourse .

I hope , it will help you in digesting.

Thanks
Vishal Chugh
 
Justin Rundle
Ranch Hand
Posts: 123
Hibernate Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Vishal
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!