How do you negate a security constraint in tomcat?
Basically, I have one security constraint defined which setup up basic authentication for the entire context.
How can I exclude one file, for example, /public-available.html开发者_StackOverflow from this? So I have authentication setup for everything, except this one resource.
Read this: http://java.dzone.com/articles/understanding-web-security In case you face any problem, let me know.
It will be much easier to manage your security constraint if you put files with different access in different folder/hierarchy. ex: /public/public-available.html, /restricted/xyz.html
精彩评论