Package jakarta.servlet.annotation

Annotation Interface ServletSecurity

@Inherited
@Documented
@Target(TYPE)
@Retention(RUNTIME)
public @interface ServletSecurity

This annotation is used on a Servlet implementation class to specify security constraints to be enforced by a Servlet container on HTTP protocol messages. The Servlet container will enforce these constraints on the url-patterns mapped to the servlets mapped to the annotated class.

Since:

Servlet 3.0

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	ServletSecurity.EmptyRoleSemantic	Defines the access semantic to be applied to an empty rolesAllowed array.
static enum	ServletSecurity.TransportGuarantee	Defines the data protection requirements that must be satisfied by the transport

Optional Element Summary

Optional Elements

Modifier and Type	Optional Element	Description
HttpMethodConstraint[]	httpMethodConstraints	Get the HTTP method specific constraints.
HttpConstraint	value	Get the HttpConstraint that defines the protection that is to be applied to all HTTP methods that are NOT represented in the array returned by httpMethodConstraints.

Element Details

value

HttpConstraint value

Get the HttpConstraint that defines the protection that is to be applied to all HTTP methods that are NOT represented in the array returned by httpMethodConstraints.

Returns:

a HttpConstraint object.

Default:

@jakarta.servlet.annotation.HttpConstraint

httpMethodConstraints

HttpMethodConstraint[] httpMethodConstraints

Get the HTTP method specific constraints. Each HttpMethodConstraint names an HTTP protocol method and defines the protection to be applied to it.

Returns:

an array of HttpMethodConstraint elements each defining the protection to be applied to one HTTP protocol method. For any HTTP method name, there must be at most one corresponding element in the returned array. If the returned array is of zero length, it indicates that no HTTP method specific constraints are defined.

Default:

{}