GAE: TidBits on Security

TidBits on Security

web.xml can be use to define security for an application. security-constraint section is used to define constraints.

The following XML is used to prevent /prefs from accessing without user login

<pre>
<security-constraint>
<web-resource-collection>
<web-resource-name>prefs</web-resource-name>
<url-pattern>/prefs</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>

</pre>

A security constraint is a convenient way to implement Google Accounts authentication for a set of URLs.

Posted in: GAE

Leave a Comment