Lots of <security-constraint> doesn't work
I have the following in GlassFish deployed EAR:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<url-pattern>/restricted/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
But when I add another stanza, like this, the original still works, but not the new security constraint, the new security constraint:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<url-pattern>/su/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>su</role-name>
</auth-constraint>
</security-constraint>
Does anyone see the problem?
+2
source to share
No one has answered this question yet
Check out similar questions: