I need to define the below section from web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>restrict-all</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>client-validated</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
How can I do this?
I found some part of this. But can't figure out the rest.
public void enableSecuritySSL(ServletRegistration.Dynamic servlet) {
HttpConstraintElement forceHttpsConstraint = new HttpConstraintElement(
ServletSecurity.TransportGuarantee.CONFIDENTIAL, new String[0]);
ServletSecurityElement securityElement = new ServletSecurityElement(forceHttpsConstraint);
servlet.setServletSecurity(securityElement);
}
}
Aucun commentaire:
Enregistrer un commentaire