Hello All,
I am trying to configure web.xml to have both protected and public URLs but still the app authenticates the public URLs. Protected URLs works fine. I would greatly appreciate if you can help to configure the whole application has protected except for few URLs which should be public and without authentication. I could have added each URL for protected but there are plenty hence using /* for protected. *protected URLs* <security-constraint> <web-resource-collection> <web-resource-name>Protected</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>AUTHENTICATED_USERS</role-name> </auth-constraint> </security-constraint> *public URLs* <security-constraint> <web-resource-collection> <web-resource-name>Unprotected</web-resource-name> <url-pattern>/public/welcome.html</url-pattern> </web-resource-collection> </security-constraint> Thanks in advance. Thanks Yogesh