开发者

web.xml <url-pattern> and <security-constraint> using RESTfull url

开发者 https://www.devze.com 2023-03-07 15:44 出处:网络
While using tomcat 6 on java6 with jax-rs (jersey), I\'d like my clients to be able to 开发者_StackOverflow社区http GET /order but not GET /order/42

While using tomcat 6 on java6 with jax-rs (jersey), I'd like my clients to be able to 开发者_StackOverflow社区http GET /order but not GET /order/42

If I put something like /order/* it also matches /order

ie:

  <web-resource-collection>
     <web-resource-name>show a specific order</web-resource-name>
     <url-pattern>/order/*</url-pattern>
     <http-method>GET</http-method>
  </web-resource-collection>

If I http://localhost/order -> 401 same story for http://localhost/order/42

I believe this is not achievable with web.xml but just in case...


As a workaround,

You can configure a Filter at /order/* and check for the URL. if its /order/something redirect it to secured URL

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号