lundi 30 août 2021

I want to put constraint based on the extension only. I am trying to use the following -

<security-constraint>
    <display-name>XYZRole</display-name>
    <web-resource-collection>
        <web-resource-name>XYZRole</web-resource-name>
        <url-pattern>*.bear</url-pattern>
        <http-method>GET</http-method>
        <http-method>PUT</http-method>
        <http-method>HEAD</http-method>
        <http-method>TRACE</http-method>
        <http-method>POST</http-method>
        <http-method>DELETE</http-method>
        <http-method>OPTIONS</http-method>
    </web-resource-collection>

    <auth-constraint>
        <description>Access to XYZRole</description>
        <role-name>XYZRole</role-name>
    </auth-constraint>
    
</security-constraint>

The security.user.names.bear and security.user.roles.bear in defined in properties file. But it is not doing the whitelisting of valid Tenant.

How to put the extension URL pattern in <security-constraint>

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)