web.xml <url-pattern> and <security-constraint> using RESTfull url
While using tomcat 6 on java6 with jax-rs (jersey), I'd like my clients to be able to 开发者_StackOverflow社区http GET /order but not GET /order/42
If I put something like /order/* it also matches /order
ie:
<web-resource-collection>
<web-resource-name>show a specific order</web-resource-name>
<url-pattern>/order/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
If I http://localhost/order -> 401 same story for http://localhost/order/42
I believe this is not achievable with web.xml but just in case...
As a workaround,
You can configure a Filter at /order/*
and check for the URL. if its /order/something
redirect it to secured URL
精彩评论