Doesn't Tomcat support wildcards like .jsp or .html at ??

Meinolf . Schulte-Doeinghaus Wed, 12 Sep 2001 11:33:01 -0700

Hi, 
I've tried to use wildcards for a webresource collection like *.jsp
to denie "guests" to access these pages but it doesn't work with tomcat
3.2.3 
Isn't that defined within the servlet specification?

Sample:
<security-constraint>
        <web-resource-collection>
                <web-resource-name>/jsp/*.jsp</web-resource-name>
                <url-pattern>/jsp/*.jsp</url-pattern>
        </web-resource-collection> 
        <auth-constraint>
                <role-name>admin</role-name>
        </auth-constraint>
</security-constraint>

Can I add a further web-resource-collection in a subdirectory of /jsp and 
give access to everyone? Like   /jsp/images/*  --> role-name = everyone
What is the "everyone" role that requires no password with tomcat 3.2.3?

Doesn't Tomcat support wildcards like *.jsp or *.html at ??

Reply via email to

Doesn't Tomcat support wildcards like .jsp or .html at ??