My web.xml looks like:
I don't know whether I get you right! With my limited knowledge, I think that in order to implement security, the content to be secured is declared using one or more web-resource-collection elements. Each web-resource-collection element contains an optional series of url-pattern elements followed by an optional series of http-method elements. The url-pattern element value specifies a URL pattern against which a request URL must match for the request to correspond to an attempt to access secured content. The http-method element value specifies a type of HTTP request to allow.
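<web-app>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Secure Content</web-resource-name>
            <url-pattern>/restricted/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>AuthorizedUser</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>The Restricted Zone</realm-name>
    </login-config>
    <security-role>
        <description>The role required to access restricted content</description>
        <role-name>AuthorizedUser</role-name>
    </security-role>
</web-app>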
Any URL lying under the web application's /restricted path requires an AuthorizedUser role.