Hi all,
When I annotate a UI object with @CDIUI(“index”) and two servlet mappings, both URLs
/secure/admin/index and /login/index instantiate the same UI.
The problem is that only the first URL should be allowed. The UI should not react to the second URL.
How can I secure my index page and make my UI react to /secure/admin/index only ?
I tried to use @URLMapping but to no avail.
This is my web.xml (with platform JBOSS EAP7-JEE 6)
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/secure/</url-pattern>
</web-resource-collection>
</security-constraint>
<servlet>
<servlet-name>VAADIN</servlet-name>
<servlet-class>com.vaadin.cdi.server.VaadinCDIServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>VAADIN</servlet-name>
<url-pattern>/login/</url-pattern>
<url-pattern>/error/</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>VAADIN</servlet-name>
<url-pattern>/secure/admin/*</url-pattern>
<url-pattern>/VAADIN/</url-pattern>
</servlet-mapping>
Thank you for putting me on the right track.