• Post Reply Bookmark Topic Watch Topic
  • New Topic

Confusion in web app security

 
aman thind
Ranch Hand
Posts: 71
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can anyone explain me the following.
If there are users named "admin" and "guest" and we have mentioned in <security-constraint>about particular url eg abc.jsp with http-method as "GET" and <auth-constraint> as admin,what will be the consequesnces. As per my understanding, guest can invoke all methods except "get" on abc.jsp and admin can invoke all methods including "GET" method on abc.jsp.Am i right? Please explain.
 
Marut pandey
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are correct.
 
Happiness is not a goal ... it's a by-product of a life well lived - Eleanor Roosevelt. Tiny ad:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!