Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

how to exclude a particular url pattern from security constraints

843841Nov 6 2004 — edited Dec 19 2006

I have a Struts-based web app where the controller servlet is mapped to a URL pattern "*.do". All the URL patterns ending in .do (*.do) are secured declaratively in web.xml. I have a need where I have to allow access to a particulat action without authenticating a user. Is there a way to achieve this only by using declarative security? Can I somehow specify using a security-constraint element in web.xml that I need this action to be insecured?

I guess I can achieve this using filters. But I would like to know if this could be done without any extra coding and just using declarative security.

Any help/pointers appreciated.

Locked Post

New comments cannot be posted to this locked post.

Locked on Jan 16 2007

Added on Nov 6 2004

#java-servlet

7 comments

913 views