2 Replies Latest reply on Mar 3, 2006 7:16 AM by maheshkudva

Security Exemption

maheshkudva Feb 25, 2006 1:33 AM

Hi

I have been running web apps with client certificate authentication. My requirement is that i want to exempt one .jsp file from this authentication purpose. My webapps web.xml is as follows:

<security-constraint>
 <web-resource-collection>
 <web-resource-name>Volga</web-resource-name>
 <url-pattern>/*</url-pattern>
 <http-method>GET</http-method>
 <http-method>POST</http-method>
 </web-resource-collection>
<security-constraint>

How do i go about exemting one jsp file from cetificate authentication? The content of the file changes relative to the modifications done using the application..

Regards & Thanks
================
Mahesh S Kudva

1. Re: Security Exemption

j2ee_junkie Feb 25, 2006 8:44 AM (in response to maheshkudva)
Mahesh,

The best way (AFAIK) to handle this situation is to put all the jsp's you want security contraints on in a subdirectory of root. For example you can use 'secured'. Then leave any pages that do not have constraints in root. Your web.xml will then look like this...
... <security-constraint> <web-resource-collection> <web-resource-name>Volga</web-resource-name> <url-pattern>/secured/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <security-constraint> ...

enjoy, cgriffith
Actions
2. Re: Security Exemption

maheshkudva Mar 3, 2006 7:16 AM (in response to maheshkudva)

Thanks junkie
Actions

Go to original post