Page 1 of 1
About Question enthuware.jwpv6.2.657 :
Posted: Tue Aug 16, 2016 12:13 pm
by johnlong
Hi
The second Httpconstraint is not correctly specified (valid values for value are PERMIT and DENY).
Could you please show valid syntax with value="DENY" or value="PERMIT" ?
Re: About Question enthuware.jwpv6.2.657 :
Posted: Tue Aug 16, 2016 9:21 pm
by admin
johnlong wrote:Hi
The second Httpconstraint is not correctly specified (valid values for value are PERMIT and DENY).
Could you please show valid syntax with value="DENY" or value="PERMIT" ?
@HttpConstraint(value="PERMIT")
The "value" attribute applies (only) when rolesAllowed returns an-empty array. (Servlet 3.0 Specifcation Section 13.4.1.
HTH,
Paul.
Re: About Question enthuware.jwpv6.2.657 :
Posted: Wed Aug 17, 2016 1:51 pm
by johnlong
Is it correct full syntax?
@ServletSecurity(@HttpConstraint(value="PERMIT"));
Re: About Question enthuware.jwpv6.2.657 :
Posted: Wed Aug 17, 2016 8:50 pm
by admin
Actually, it should be @ServletSecurity(@HttpConstraint(EmptyRoleSemantic.PERMIT));
See section 13.4.1.1 of Servlet 3.0 specification for more examples.
Re: About Question enthuware.jwpv6.2.657 :
Posted: Thu Aug 18, 2016 12:24 am
by johnlong
Thank you
Re: About Question enthuware.jwpv6.2.657 :
Posted: Wed Feb 07, 2018 4:07 pm
by kakawi
The fifth example have one spelling mistake (2 parentheses after @ServletSecurity), when need only 1 parentheses
Correct variant:
Code: Select all
@ServletSecurity(
httpMethodConstraints = {
@HttpMethodConstraint(
value = "GET",
rolesAllowed = "R1"
),
@HttpMethodConstraint(
value = "POST",
rolesAllowed = "R1",
transportGuarantee = ServletSecurity.TransportGuarantee.CONFIDENTIAL
)
})
Re: About Question enthuware.jwpv6.2.657 :
Posted: Wed Feb 07, 2018 4:10 pm
by kakawi
The seventh example another spelling mistake, lost literal "f" in word "for" (the first word):
" ...or all HTTP methods except TRACE, auth-constraint requiring membership in Role R1; for TRACE, all access denied"
Re: About Question enthuware.jwpv6.2.657 :
Posted: Thu Feb 08, 2018 1:12 pm
by admin
Fixed.
thank you for your feedback!