java - Whitelisting a web resource using spring security -

-

the standard method secure web application forbid unauthenticated access , white-list specific resources.

all of following xml fragments allow access resource, different though implications:

<http pattern="/favicon.ico" security="none" />  <intercept-url pattern="/favicon.ico" filters="none" />  <intercept-url pattern="/favicon.ico" access="permitall"/>   <intercept-url pattern="/favicon.ico" access="role_anonymous" />  <intercept-url pattern="/favicon.ico" access="is_authenticated_anonymously" />

which should used when , under circumstances?

<http pattern="/favicon.ico" security="none" />

will bypass security filters completely, want kind of resource we're dealing here (i.e. favicon.ico).

if do

<intercept-url pattern="/favicon.ico" access="is_authenticated_anonymously" />

you still able information regarding logged in user (if any) when rendering resource (might useful when rendering page should accessible without login still want able present e.g. user name on rendered page if user logged in).

permitall same thing, el syntax.

role_anonymous appears grant access anonymous users, deny anthenticated ones.

<intercept-url pattern="/favicon.ico" filters="none" />

is old syntax, knowledge no longer supported.


Comments

Post a Comment

Popular posts from this blog

java - Date formats difference between yyyy-MM-dd'T'HH:mm:ss and yyyy-MM-dd'T'HH:mm:ssXXX -

-
i trying parse date 2014-12-03t10:05:59.5646+08:00 using these 2 formats: yyyy-mm-dd't'hh:mm:ss yyyy-mm-dd't'hh:mm:ssxxx when parse using yyyy-mm-dd't'hh:mm:ss works fine, when parse yyyy-mm-dd't'hh:mm:ssxxx parseexception thrown. which correct format parse date , difference between these 2 formats? note : cannot use joda :( those valid formats: yyyy-mm-dd't'hh:mm:ss.sssz >>> e.g.: 2001-07-04t12:08:56.235-0700 yyyy-mm-dd't'hh:mm:ss.sssxxx >>> e.g.: 2001-07-04t12:08:56.235-07:00 edit: btw, "x" refer (iso 8601 time zone)
Read more

c# - Get rid of xmlns attribute when adding node to existing xml -

-
i have xml-file: <ns2:root xmlns:ns2="namespace"> <ns2:a> <ns2:b>some content</b> <ns2:c>some content</c> <ns2:d>some content</d> </a> </root> i need add new node in specific place, code is: var doc = xdocument.load(file); xnamespace ns2 = "namespace"; doc.element(ns2 + "root").element(ns2 + "a").element(ns2 + "c").addafterself( new xelement(ns2+"new", new xelement("new1", new xelement("new2","some content"), new xelement("new3", "some content")))); the output is: <ns2:root xmlns:ns2="namespace"> <ns2:a> <ns2:b>some content</b> <ns2:c>some content</c> <ns2:new> <new1 xmlns=""> <new2>some content</new2> ...
Read more