check this
http://www.mail-archive.com/[EMAIL PROTECTED]/ msg101208.html
see the <http-method> tags specified there ?
if i get it right, you dont want to open the methods GET and POST for everyone, and after that, you want to restrict all methods (PUT,DELETE,PROPFIND,etc) to a certain role
does that help ? I havent actually tried this :-)
>I have included the org.apache.catalina.servlets.WebdavServlet
in the web.xml descriptor for my application
<servlet>
<servlet-name>WebdavServlet</servlet-name>
<servlet-class>org.apache.catalina.servlets.WebdavServlet</servlet- class
<servlet-mapping> <servlet-name>WebdavServlet</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping>
It all falls down when I try to add security however.
If all requests have to go through the webdav servlet, then if I assign the following constraint
<security-constraint> <web-resource-collection> <web-resource-name>The Webdav bit</web-resource-name> <url-pattern>/*</url-pattern> <!-- or just <url-pattern>/</url-pattern> --> </web-resource-collection> <auth-constraint> <role-name>somerole</role-name> </auth-constraint> </security-constraint>
this means that no one can see my site unless they log in . Which is not
what I want of course.
goodluck, *-pike
===========
404 Not Found - The weapons you are looking for are currently unavailable. The country might be experiencing technical difficulties, or you may need to adjust your weapons inspectors mandate.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
