-
@Documented @Retention(value=RUNTIME) public @interface HttpConstraint
This annotation is used within theServletSecurityannotation to represent the security constraints to be applied to all HTTP protocol methods for which a correspondingHttpMethodConstraintelement does NOT occur within theServletSecurityannotation.For the special case where an
@HttpConstraintthat returns all default values occurs in combination with at least oneHttpMethodConstraintthat returns other than all default values, the@HttpConstraintrepresents that no security constraint is to be applied to any of the HTTP protocol methods to which a security constraint would otherwise apply. This exception is made to ensure that such potentially non-specific uses of@HttpConstraintdo not yield constraints that will explicitly establish unprotected access for such methods; given that they would not otherwise be covered by a constraint.- Since:
- Servlet 3.0
-
-
Optional Element Summary
Optional Elements Modifier and Type Optional Element and Description String[]rolesAllowedThe names of the authorized roles.ServletSecurity.TransportGuaranteetransportGuaranteeThe data protection requirements (i.e., whether or not SSL/TLS is required) that must be satisfied by the connections on which requests arrive.ServletSecurity.EmptyRoleSemanticvalueThe default authorization semantic.
-
-
-
Element Detail
-
value
public abstract ServletSecurity.EmptyRoleSemantic value
The default authorization semantic. This value is insignificant whenrolesAllowedreturns a non-empty array, and should not be specified when a non-empty array is specified for rolesAllowed.- Returns:
- the
ServletSecurity.EmptyRoleSemanticto be applied whenrolesAllowedreturns an empty (that is, zero-length) array.
- Default:
- javax.servlet.annotation.ServletSecurity.EmptyRoleSemantic.PERMIT
-
-
-
transportGuarantee
public abstract ServletSecurity.TransportGuarantee transportGuarantee
The data protection requirements (i.e., whether or not SSL/TLS is required) that must be satisfied by the connections on which requests arrive.- Returns:
- the
ServletSecurity.TransportGuaranteeindicating the data protection that must be provided by the connection.
- Default:
- javax.servlet.annotation.ServletSecurity.TransportGuarantee.NONE
-
-
-
rolesAllowed
public abstract String[] rolesAllowed
The names of the authorized roles. Duplicate role names appearing in rolesAllowed are insignificant and may be discarded during runtime processing of the annotation. The String "*" has no special meaning as a role name (should it occur in rolesAllowed).- Returns:
- an array of zero or more role names. When the array contains
zero elements, its meaning depends on the
EmptyRoleSemanticreturned by thevaluemethod. Ifvaluereturns DENY, androlesAllowedreturns a zero length array, access is to be denied independent of authentication state and identity. Conversely, ifvaluereturnsPERMIT, it indicates that access is to be allowed independent of authentication state and identity. When the array contains the names of one or more roles, it indicates that access is contingent on membership in at least one of the named roles (independent of theEmptyRoleSemanticreturned by thevaluemethod).
- Default:
- {}
-
-
Traduction non disponible
Les API Java ne sont pas encore traduites en français sur l'infobrol. Seule la version anglaise est disponible pour l'instant.
Version en cache
21/08/2025 18:32:24 Cette version de la page est en cache (à la date du 21/08/2025 18:32:24) afin d'accélérer le traitement.Vous pouvez activer le mode utilisateur dans le menu en haut pour afficher la version plus récente de la page.
Document créé le 11/06/2005, dernière modification le 18/08/2025
Source du document imprimé : https://www.gaudry.be/java-api-javaee-rf-javax/servlet/annotation/httpconstraint.html
L'infobrol est un site personnel dont le contenu n'engage que moi. Le texte est mis à disposition sous licence CreativeCommons(BY-NC-SA). Plus d'info sur les conditions d'utilisation et sur l'auteur.
Références
Ces références et liens indiquent des documents consultés lors de la rédaction de cette page, ou qui peuvent apporter un complément d'information, mais les auteurs de ces sources ne peuvent être tenus responsables du contenu de cette page.
L'auteur de ce site est seul responsable de la manière dont sont présentés ici les différents concepts, et des libertés qui sont prises avec les ouvrages de référence. N'oubliez pas que vous devez croiser les informations de sources multiples afin de diminuer les risques d'erreurs.