Security Constraint Policy
A security constraint associates authorization and/or user data constraints with HTTP operations on web resources. A Security Constraint policy allows you to set security constraints on one or more web resource collections.
A security constraint, which is represented by
security-constraint in the deployment descriptor,
consists of two main elements:
- Web resource collection. The HTTP operations and web resources to which a security constraint applies (i.e., the constrained requests) are identified by one or more web resource collections (web-resource-collection in the deployment descriptor). A web resource collection consists of URL patterns (url-pattern in deployment descriptor), and HTTP methods (http-method in deployment descriptor).
- Authorization constraint. An authorization constraint (auth-constraint in the deployment descriptor) establishes a requirement for authentication, and names the authorization roles permitted to perform the constrained requests. A user must be a member of at least one of the named roles to be permitted to perform the constrained requests. An authorization constraint consists of the role name element (role-name in deployment descriptor).
Copyright © 2022. Cloud Software Group, Inc. All Rights Reserved.