How to exclude one url from authorization

java jakarta-ee authentication web.xml
hudi picture hudi · Feb 22, 2013 · Viewed 39.2k times · Source

My web.xml looks like:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>app</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>Role</role-name>
    </auth-constraint>
</security-constraint>

this protect every side from authorization but I want exclude /info. Is this possible ?

Answer

user517491 picture user517491 · Feb 25, 2013

Omit the <auth-constraint> element in <security-constraint> for resources for which you don't need authentication like:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>app</web-resource-name>
        <url-pattern>/info</url-pattern>
    </web-resource-collection>
    <!-- OMIT auth-constraint -->
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>app</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>Role</role-name>
    </auth-constraint>
</security-constraint>

Related questions

Using Servlet 3.0 with Weblogic 10.3

I am working on a form-based authentication and using following statements. I have realized on the way of implementation that HttpServletRequest->login method comes with servlet 3.0.(with help of stackoverflow users) HttpServletRequest request = getHttpServletRequest(); request.login() So I am …

Read More
Could not calculate build plan: Plugin org.apache.maven.plugins:maven-resources-plugin:2.5 or one of its dependencies could not be resolved

org.apache.maven.plugin.PluginResolutionException: Plugin org.apache.maven.plugins:maven-resources-plugin:2.5 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-resources-plugin:jar:2.5 at org.apache.maven.plugin.internal.DefaultPluginDependenciesResolver.resolve(…

Read More
How to upload files to server using JSP/Servlet?

How can I upload files to server using JSP/Servlet? I tried this: <form action="upload" method="post"> <input type="text" name="description" /> <input type="file" name="file" /> <input type="submit" /> </…

Read More