0

Some How i am blocking resources(External Folders and Jars Folder) ? I don't know how to configure this in XML.

Project Directory 

    <!-- Page level Spring Security : Intercept access to resources in /pages/secure/** -->
    <sec:intercept-url pattern="/pages/secure/**" access="hasRole('ROLE_MODERATOR')" />

    <!-- Page level Spring Security : Permit access to resources in /pages/unsecure/** -->
    <sec:intercept-url pattern="/pages/unsecure/**" access="permitAll"/>

    <!-- Page level Spring Security : Intercept access to resources in /** -->
    <sec:intercept-url pattern="/**" access="hasRole('ROLE_MODERATOR')"/>

    <!-- Page level Spring Security : Enable Primefaces -->
    <sec:intercept-url pattern="/javax.faces.resource/**" access="permitAll"/>

    <!-- Define login page for Spring Security -->
    <sec:form-login login-page="/pages/unsecure/login_bootstrap.xhtml"/>

    <!-- Define logout properties for Spring Security -->
    <sec:logout invalidate-session="true" delete-cookies="true" logout-success-url="/"></sec:logout>
</sec:http>
Jivesh Relhan
  • 60
  • 9
  • Same cause as this: http://stackoverflow.com/questions/28373178/primefaces-based-application-with-picketlink-does-not-show-style-in-login-page – Kukeltje Oct 26 '15 at 11:38
  • I have already exclude faces.resources from security. Still facing issue . – Jivesh Relhan Oct 26 '15 at 13:02
  • order of rules? http://stackoverflow.com/questions/15998746/order-of-intercept-url-patterns-in-spring-security – Kukeltje Oct 26 '15 at 14:11

0 Answers0