Could you please show valid syntax with value="DENY" or value="PERMIT" ?The second Httpconstraint is not correctly specified (valid values for value are PERMIT and DENY).
About Question enthuware.jwpv6.2.657 :
Moderator: admin
-
- Posts: 197
- Joined: Mon Jun 20, 2016 5:06 pm
- Contact:
About Question enthuware.jwpv6.2.657 :
Hi
-
- Site Admin
- Posts: 10326
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
@HttpConstraint(value="PERMIT")johnlong wrote:Hi
Could you please show valid syntax with value="DENY" or value="PERMIT" ?The second Httpconstraint is not correctly specified (valid values for value are PERMIT and DENY).
The "value" attribute applies (only) when rolesAllowed returns an-empty array. (Servlet 3.0 Specifcation Section 13.4.1.
HTH,
Paul.
If you like our products and services, please help us by posting your review here.
-
- Posts: 197
- Joined: Mon Jun 20, 2016 5:06 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
Is it correct full syntax?
@ServletSecurity(@HttpConstraint(value="PERMIT"));
@ServletSecurity(@HttpConstraint(value="PERMIT"));
-
- Site Admin
- Posts: 10326
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
Actually, it should be @ServletSecurity(@HttpConstraint(EmptyRoleSemantic.PERMIT));
See section 13.4.1.1 of Servlet 3.0 specification for more examples.
See section 13.4.1.1 of Servlet 3.0 specification for more examples.
If you like our products and services, please help us by posting your review here.
-
- Posts: 197
- Joined: Mon Jun 20, 2016 5:06 pm
- Contact:
-
- Posts: 5
- Joined: Sat Aug 12, 2017 1:43 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
The fifth example have one spelling mistake (2 parentheses after @ServletSecurity), when need only 1 parentheses
Correct variant:
Correct variant:
Code: Select all
@ServletSecurity(
httpMethodConstraints = {
@HttpMethodConstraint(
value = "GET",
rolesAllowed = "R1"
),
@HttpMethodConstraint(
value = "POST",
rolesAllowed = "R1",
transportGuarantee = ServletSecurity.TransportGuarantee.CONFIDENTIAL
)
})
-
- Posts: 5
- Joined: Sat Aug 12, 2017 1:43 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
The seventh example another spelling mistake, lost literal "f" in word "for" (the first word):
" ...or all HTTP methods except TRACE, auth-constraint requiring membership in Role R1; for TRACE, all access denied"
" ...or all HTTP methods except TRACE, auth-constraint requiring membership in Role R1; for TRACE, all access denied"
-
- Site Admin
- Posts: 10326
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.657 :
Fixed.
thank you for your feedback!
thank you for your feedback!
If you like our products and services, please help us by posting your review here.
Who is online
Users browsing this forum: No registered users and 1 guest