如何从授权中排除一个网址 [英] How to exclude one url from authorization
本文介绍了如何从授权中排除一个网址的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我的 web.xml 看起来像:
My web.xml looks like:
<security-constraint>
<web-resource-collection>
<web-resource-name>app</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Role</role-name>
</auth-constraint>
</security-constraint>
这可以保护每一方免受授权,但我想排除/info.这可能吗?
this protect every side from authorization but I want exclude /info. Is this possible ?
推荐答案
省略
Omit the <auth-constraint> element in <security-constraint> for resources for which you don't need authentication like:
<security-constraint>
<web-resource-collection>
<web-resource-name>app</web-resource-name>
<url-pattern>/info</url-pattern>
</web-resource-collection>
<!-- OMIT auth-constraint -->
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>app</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Role</role-name>
</auth-constraint>
</security-constraint>
这篇关于如何从授权中排除一个网址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
