I was wondering... I have this configuration on my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Actions</web-resource-name>
<description>Actions</description>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description>usuarios permitidos</description>
<role-name>Administrador</role-name>
</auth-constraint>
<user-data-constraint>
<description>Encryption is not required for the application in general. </description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
Which prevents the user to access resources without being authenticated. Is it possoble to create a pattern to exclude some of them? Like login/*.do would not require the user being authenticated to be accessed?
Thanks a lot
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
