I have a JSF application and I want to have a Search page that needs to be accessed from within the application after logging in and also directly by typing in the Search URL.
The following should be possible,
1. User logs in to my site and he clicks the Search link to perform his search.
2. User should also have an option to directly access the Search page by typing in the URL and perform his searches. He should not be bothered to Login in to the application inorder perform this search
You can configure the web.xml to exclude some resources from security by declaring the web resource and pattern in a security-constraint with no roles. See examples here:http://java.dzone.com/articles/understanding-web-security