Spring Security Hiccups
In any web-application some pages are secured (only logged in and authorized users with proper role can access) and some pages are not secured such as login or landing page. But sometimes we need a mix-n-match, such as some information user can view without proper access(login) but they need rights(such as login) to perform additional activities. here is an example - in amazon or any retail site you can view products, but you need to login to buy the product - the buy now button will ask for your credentials. Images, css , Javascript dont require security < sec:http pattern = "/css/**" security = "none" /> < sec:http pattern = "/gwt/**" security = "none" /> < sec:http pattern = "/images/**" security = "none" /> < sec:http pattern = "/img/**" security = "none" /> < sec:http pattern = "/scripts/**" security = "none" /> Logon...