【问题标题】:Specify GET parameter in url-pattern in web.xml. Is this possible?在 web.xml 的 url-pattern 中指定 GET 参数。这可能吗?
【发布时间】:2013-09-26 14:37:40
【问题描述】:

我正在尝试根据传入的 GET 参数过滤 URL。是否支持以下内容?基本上URL过滤对传入的参数起作用吗?我正在尝试对 /support 进行身份验证,但不是 /support?immediate=true。

       <security-constraint>
                <web-resource-collection>
                    <web-resource-name>Exceptions</web-resource-name>
                        <url-pattern>/watchdog</url-pattern> 
                        <url-pattern>/version.xml</url-pattern>             
                        <url-pattern>/files/dist/gui*</url-pattern> 
                        <url-pattern>/support?immediate=true</url-pattern> <----is this supported?
                        <url-pattern>/majorversion</url-pattern> 
                        <url-pattern>/services/*</url-pattern>              
                        <url-pattern>/remoting/*</url-pattern>  
                        <url-pattern>/alarm.vmsg</url-pattern>              
                        <url-pattern>/event.vmsg</url-pattern>  
                        <url-pattern>/fault.vmsg</url-pattern>  
                        <url-pattern>/jsp/style.css</url-pattern>
                        <url-pattern>/style.css</url-pattern>               
                    </web-resource-collection>
                <user-data-constraint>
                    <transport-guarantee>NONE</transport-guarantee>
                </user-data-constraint>
            </security-constraint>


    <security-constraint>
        <web-resource-collection>
            <web-resource-name>All Access is restricted</web-resource-name>
            <url-pattern>/*</url-pattern>                   
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>

        <user-data-constraint>
            <!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>Server</realm-name>
    </login-config>

    <security-role>
        <role-name>user</role-name>
    </security-role>

【问题讨论】:

    标签: security web.xml


    【解决方案1】:

    你不能,它必须在你的 servlet 源代码上实现。

    【讨论】:

      猜你喜欢
      • 2013-09-25
      • 2013-08-02
      • 1970-01-01
      • 2016-05-13
      • 2016-08-26
      • 2011-08-12
      • 2020-03-27
      • 2013-08-02
      • 2012-01-29
      相关资源
      最近更新 更多