web.xml Visual Editor: Security Constraints
See Also
Use the Security Constraints section of the web.xml Visual Editor to add and configure security constraints for your web application.
The following fields appear in a constraint section when you create a new constraint or edit an existing one:
- Display Name. A unique name that identifies the security constraint.
- Web Resource Collection. A list of URL patterns and HTTP methods that describe a set of Web resources to be protected.
- Name. A unique name that identifies the web resource.
- URL Pattern. URL patterns separated by commas.
- HTTP Method. The HTTP method or methods used for this web resource.
- Description. An optional description of the web resource.
- Enable Authentication Constraint. An authorization rule that determines who belong to a particular role is permitted to access a Web resource collection.
- Description. An optional description of the authentication constraint.
- Role Name(s). List of roles separated by commas. These roles must match the roles defined in the Security Roles table.
- Enable User Data Constraint. Indicates how data between a client and a Web container should be protected. The protection can be the prevention of tampering with the data or prevention of eavesdropping on the data.
- Description. An optional description of the user data constraint.
- Transport Guarantee. The type of guarantee for the transport: NONE, INTEGRAL, or CONFIDENTIAL.
- INTEGRAL ensures that communication between entities is not being tampered with by another party, especially one that can intercept and modify their communications. Integrity mechanisms can also be used to ensure that messages can only be used once.
- CONFIDENTIAL ensures private communication between entities. Privacy is achieved by encrypting the message contents.
After you add a security constraint, a Remove button appears at the top of the constraint section. Click the Remove button to remove the constraint.
- See Also
- web.xml Visual Editor: Login Configuration
- web.xml Visual Editor: Security Roles
- About Deployment Descriptors
- About Configuring Web Applications
- Configuring Web Application Deployment Descriptors
Legal Notices