• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Confusion in web app security

 
aman thind
Ranch Hand
Posts: 71
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can anyone explain me the following.
If there are users named "admin" and "guest" and we have mentioned in <security-constraint>about particular url eg abc.jsp with http-method as "GET" and <auth-constraint> as admin,what will be the consequesnces. As per my understanding, guest can invoke all methods except "get" on abc.jsp and admin can invoke all methods including "GET" method on abc.jsp.Am i right? Please explain.
 
Marut pandey
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are correct.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic