Sure:
<security-constraint>
<web-resource-collection>
<web-resource-name>Private</web-resource-name>
<url-pattern>/pdf/*</url-pattern>
</web-resource-collection>
<auth-constraint></auth-constraint>
</security-constraint>
The empty <auth-constraint> element causes all client requests for the collected
resources to be denied (it's still legal to perform forwards or includes, however).
Quoting Nicolas De Loof <[EMAIL PROTECTED]>:
>
>
> > Can't you just have the action that "fronts" the PDF servlet return a
> forward
> > that represents the path to that servlet?
> >
> > web.xml:
> >
> > <servlet-mapping>
> > <servlet-name>pdfServlet</servlet-name>
> > <url-pattern>/pdf</url-pattern>
> > <servlet-mapping>
> >
> > You could also include a <security-constraint> element to ensure that
> clients
> > can't make direct requests to the PDF servlet.
> >
>
> That was what I was thinking about, but I thought it would allow user to
> get
> direct request to pdf-servlet. I never used <security-constraint> (nobody's
> perfect ;-)), could you give us an example please ?
>
> Nico.
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
--
Kris Schneider <mailto:[EMAIL PROTECTED]>
D.O.Tech <http://www.dotech.com/>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
