I'm developing a web application using Google App Engine and GWT. I'm using the provided authentication with Google Accounts, so my web.xml contains these lines:
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
I need a particular servlet to be free from Google Authentication, because it will be called by Android devices. Please do not suggest a way to authenticate the device because it will not suit my needs.
How can I set up my project so that everything is secured under authentication and just one servlet is not?
Why can't you just:
1)modify the url of the contraint
<security-constraint>
<web-resource-collection>
<url-pattern>/protected/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
2) move everything into /protected
3) put the android stuff someplace else ... either in / or an new folder /android
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.