my dog learned polymorphism*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes SRV.13.4.2 security-role Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "SRV.13.4.2 security-role" Watch "SRV.13.4.2 security-role" New topic
Author

SRV.13.4.2 security-role

rahul dighe
Ranch Hand

Joined: Apr 17, 2001
Posts: 44
if u look at the 2.3 servlet spec article SRV.13.4.2 which is the example of a security.
shouldn't the <security-role> comes way afterwards , if you look at the DTD , am i missing something here or is that example wrong ?
<!ELEMENT web-app (icon?, display-name?, description?,
distributable?, context-param*, filter*, filter-mapping*,
listener*, servlet*, servlet-mapping*, session-config?, mime-
mapping*, welcome-file-list?, error-page*, taglib*, resource-
env-ref*, resource-ref*, security-constraint*, login-config?,
security-role*, env-entry*, ejb-ref*, ejb-local-ref*)>


<BR>Rahul Dighe
rahul dighe
Ranch Hand

Joined: Apr 17, 2001
Posts: 44
just in case someone doesnt' have access to 2.3 servlet specs this is the example
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Appli-
cation 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<display-name>A Secure Application</display-name>
<security-role>
<role-name>manager</role-name>
</security-role>
<servlet>
<servlet-name>catalog</servlet-name>
<servlet-class>com.mycorp.CatalogServlet
</servlet-class>
<init-param>ഊDEPLOYMENT DESCRIPTOR
118
<param-name>catalog</param-name>
<param-value>Spring</param-value>
</init-param>
<security-role-ref>
<role-name>MGR</role-name>
<!-- role name used in code -->
<role-link>manager</role-link>
</security-role-ref>
</servlet>
<servlet-mapping>
<servlet-name>catalog</servlet-name>
<url-pattern>/catalog/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>SalesInfo
</web-resource-name>
<url-pattern>/salesinfo/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL
</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
Dani Mazzuca
Ranch Hand

Joined: May 21, 2003
Posts: 70
Hi,
you are right. In this example <security-role> comes just before </web-app>.
In a complete web.xml it comes after <login-config>
Dani
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SRV.13.4.2 security-role