Re: hasAccessToWebResource method

Home Messages Hashtags

Arjan Tijms #41 p.s. To address some of the concerns that were raised by Will, I could make the following changes: * Rename the method to hasCallerAccessToWebResource * Rename the method's argument from "resource" to "urlPattern" * Remove the overloaded method that defaults to GET, specify that if no parameters are provided for "methods" that GET is assumed. (addressing the "many methods concern somewhat) * Clarify that all containers in Java EE are allowed to call the method * Clarify that is the caller is not authenticated at all, and the resource is non-public a false is returned * Clarify that Section 11.2 of the Servlet spec is meant, instead of just "the servlet spec" Kind regards, Arjan Tijms
More All Messages By This Member

Join javaee-security-spec@javaee.groups.io to automatically receive all group messages.