To configure security on a specific component, use the resource
tag. This tag, along with the component attribute, allows you to define which users have access to the specified component. You could disable security entirely for the specified component by using the optional secure
attribute.
In the following example, the /some/Component
component is configured so that only the user whose login is restAdmin
has full access to it; users with the restUser
role only have read access. In addition, the /some/other/Component
component is configured to disable security.
<rest-security> <default-acl value="Profile$role$restUser:read,write,execute"/> <resource component="/some/Component"> <default-acl value="Profile$login$restAdmin:read,write,execute; Profile$role$restUser:read"/> </resource> <resource component="/some/other/Component" secure="false"/> </resource> </rest-security>