[jboss-as7-dev] Security Domain Association
Remy Maucherat
rmaucher at redhat.com
Mon Jun 13 08:57:27 EDT 2011
On Mon, 2011-06-13 at 18:10 +0530, Jaikiran Pai wrote:
> Furthermore, isn't the security for web, based on url-pattern and _not_
> per servlet class? For example the same servlet class might be mapped to
> two different url-patterns and only one url-pattern might be secured. In
> such cases having a @SecurityDomain on a servlet class won't work, isn't it?
The new security annotation from Servlet 3 now corresponds to it, but
the basis of the servlet security ultimately remains URL matching.
--
Remy Maucherat <rmaucher at redhat.com>
Red Hat Inc
More information about the jboss-as7-dev
mailing list