My GWT application is using Google Accounts authentication. I've added
this simple security constraint to my web.xml file:
<security-constraint>
<web-resource-collection>
<url-pattern>ds/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
In the hosted mode, if I type the full path to a file inside the 'ds'
folder (example http://<>/ds/abc.xml), it redirects me to the login
page. After login, I can access the file. However, it doesn't work
when the app is deployed to GAE. Any user can access the file from the
URL http://myappid.appspot.com/ds/abc.xml without logging in. I was
expecting the app to redirect me to the Google accounts login page
when I tried to access the file.
Am I missing something?
Thanks in advance.
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
