Hello all. Embedded Jetty Question.
What is the appropriate way to secure all endpoints *except* n endpoints? In my case, n is 4. If it makes a difference, my subclassed DefaultServlet serves up static content, and also handles the "/" endpoint in a particular way, depending on the configuration of the application. My initial approach was: 1) Iterate over all of our servlets' paths (minus the 4 we want to remain insecure) and create a constraint mapping for each, and add those to the ConstraintSecurityHandler. 2) Add "/" to the ConstraintSecurityHandler. It appears that adding the "/" constraint mapping secures everything. Perhaps this is according to spec; I just don't know. Hence my original question. How to lock everything down, except n "path-specs"? Thanks in advance, and apologies if I'm missing something obvious (highly likely). Pete
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
