Results 1 to 2 of 2

Thread: Do I need to set security-constraint in web.xml

  1. Aug 15th, 2011, 10:27 AM #1
    blackcode82
    blackcode82 is offline Junior Member
    Join Date
    Aug 2011
    Posts
    1

    Default Do I need to set security-constraint in web.xml

    I am using Spring security with OpenSSO under Glassfish. Just wondering do I still need to specify security-constraint in web.xml? or it is not required?

    <security-constraint>
    <web-resource-collection>
    <web-resource-name>secure</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>HEAD</http-method>
    <http-method>PUT</http-method>
    </web-resource-collection>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    Reply With Quote Reply With Quote
  2. Aug 16th, 2011, 10:11 PM #2
    Rob Winch
    Rob Winch is offline Senior Member Spring Team
    Join Date
    Jan 2008
    Posts
    1,826

    Default

    Adding these values uses container managed security which is different from Spring Security. In general, all your Spring Security configuration will be in your Spring ApplicationContext. I would recommend looking at the getting started page.
    Rob Winch - @rob_winch
    Spring Security Lead
    Pivotal
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules