Websphere: security-constraint in web.xml is not enforced

后端未结

关注

 1  1582

I\'m trying to enable SSL on a very old J2EE application I support. The application runs within WebSpehre 6.1. I\'ve enabled application security in the WAS profile running th

相关标签:

1条回答

青春惊慌失措

2021-01-23 09:06

If you want to protect the whole application the following pattern should do the trick:

<url-pattern>/*</url-pattern>

At least this works on mine 8.5.5

<security-constraint>
    <display-name>allApp</display-name>
    <web-resource-collection>
        <web-resource-name>allresources</web-resource-name>
        <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

Did you restarted the server after enabling application security?

0 讨论(0)