Useing Spring for Security, I can get the program running using the following code.
UPDATE
You are right the code I posted wont work for the purpose you need.
According to Java Servlet 3.1 Specification, chapter 12.2, the mappings are defined as the following:
In the Web application deployment descriptor, the following syntax is used to define mappings:
- A string beginning with a ‘/’ character and ending with a ‘/*’ suffix is used for path mapping.
- A string beginning with a ‘*.’ prefix is used as an extension mapping.
- The empty string ("") is a special URL pattern that exactly maps to the application's context root, i.e., requests of the form
http: //host:port//. In this case the path info is ’/’
and the servlet path and context path is empty string (““).- A string containing only the ’/’ character indicates the "default" servlet of the application. In this case the servlet path is the
request URI minus the context path and the path info is null.- All other strings are used for exact matches only.
The last constraint:
All other strings are used for exact matches only.
For my understanding you wont be able to use the ** wildcard refering to subdirectories, since it will be a specific match.
It seems like <url-pattern>/web/admin/*</url-pattern>
should work.