Java Reference
In-Depth Information
We then need to provide a
Resource Name
, an optional
Description
and
URL
Pattern(s)
for the pages belonging to our security constraint. A common practice
is to group all pages belonging to a security constraint under a sub folder of the
Web Pages folder, a practice we followed in our example, all administrative pages
are under the
admin
folder, therefore the URL pattern to access them is
/admin/*
,
meaning any URL beginning with
/admin
, after the context root of our application.
In order to allow only authorized users to view our protected pages, we need to
check the
Enable Authentication Constraint
checkbox and enter the role(s) that are
authorized to view the page in the
Role Name(s)
field.