Security Constraint Any role user=jetty password=jetty
Security Constraint Admin role user=admin password=admin
Security Constraint Relaxed constraint, using role = NONE
Security Constraint No access.
Error Page Custom page for 404 status.
Error Page Custom page for NullPointerException.
Jetty makes the following interpretations:
<security-constraint> <web-resource-collection> <url-pattern>/</url-pattern> </web-resource-collection> </security-constraint>Specific access should be granted with constraints like:
<security-constraint> <web-resource-collection> <url-pattern>/public/*</url-pattern> <url-pattern>/images/*</url-pattern> <http-method>GET</http-method> <http-method>HEAD</http-method> </web-resource-collection> <web-resource-collection> <url-pattern>/servlet/*</url-pattern> <http-method>GET</http-method> <http-method>HEAD</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>NONE</role-name> </auth-constraint> </security-constraint>