View RSS Feed

Servlet

Explain declarative security for WEB applications

Rate this Entry
by , 01-01-2012 at 04:03 PM (1236 Views)
Declarative security is implemented by the Servlet containers. Administration takes place via deployment descriptor web.xml file. Servlets & JSP pages along with the declarative security will become security aware code free. URLs could be protected via web.xml as it has been shown below:

XML Code: This is a web.xml with the security tags
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>PrivateAndSensitive</web-resource-name>
<url-pattern>/private/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>executive</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- form based authorization -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
</web-app>

Submit "Explain declarative security for WEB applications" to Facebook Submit "Explain declarative security for WEB applications" to Digg Submit "Explain declarative security for WEB applications" to del.icio.us Submit "Explain declarative security for WEB applications" to StumbleUpon Submit "Explain declarative security for WEB applications" to Google

Updated 01-14-2012 at 05:52 PM by Servlet

Categories
Security

Comments