To pass globally:
<global-allowed-methods>regex:prefix(.*)suffix</global-allowed-methods>
On 5 February 2016 at 14:25, Christoph Nenning <
christoph.nenn...@lex-com.net> wrote:
> > Hi,
> >
> > There is a huge discussion about how SMI should work in case of using
> > wildcard mapping [1]. Basically when action is defined as follow:
> >
> > <action name="person*" class="com.demo.PersonAction" method="{1}">
> > <result name="success">view.jsp</result>
> > <result name="input">input.jsp</result>
> > </action>
> >
> > SMI will allow access any method in PersonAction class because {1} is
> > translated into RegEx (.*) - as you can see SMI simply won't work
> > here.
> >
> > Greg propose to drop the translation ({1} -> (.*)) and only base on
> > what was defined in <global-allowed-methods/> or <allowed-method/> in
> > that case, thus will truly limit access to methods.
> >
> > wdyt?
> >
>
>
> I agree with Greg. {1} should not be translated to (.*). Is it possible
> for action to define own allowed methods in this case (besides
> annotations)?
>
>
>
>
> Regards,
> Christoph
>
> This Email was scanned by Sophos Anti Virus
>
