Picky <security-constraint> rules for <auth-constraint> sub-elements
Even though it’s got constraint in its name, this is the sub-element that specifies which roles are ALLOWED to access the web resources specified by the <web-resource-collection> sub-element(s).
The <auth-constraint> sub-element of <security-constraint>
Get Head First Servlets and JSP, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.