I would only like to password protect the root directory in my context context for Jetty WebApp. My context path is / MyApp, so I would like to get a password for access:
http:
But NOT for:
http:
My current setup is below (note the url pattern):
<security-constraint> <web-resource-collection> <web-resource-name>Private Page</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name>moderator</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Test Realm</realm-name> </login-config>
I expect this to work by nature as / and / * in general. I also saw this resource, which I believe suggests that this should pretty much work: http://www.coderanch.com/t/364782/Servlets/java/there-key-difference-between-url
However, for my case, url patterns are:
<url-pattern>/</url-pattern>
and
<url-pattern>/*</url-pattern>
seem to act exactly the same: both
http:
and
http:
The GENERAL password is protected.
Of course, if I go to / nothingishere, just like a performance test, nothing is password protected except / MyApp / nothingishere
Does anyone know how to protect only the root directory of web servlets?
passwords web-applications servlets jetty cometd
Drewch
source share