File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Question about auth-constraint Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Question about auth-constraint" Watch "Question about auth-constraint" New topic
Author

Question about auth-constraint

alzamabar
Ranch Hand

Joined: Jul 24, 2002
Posts: 379
What happens if two conflicting <security-constraint> elements have got the following declaration for the same resource (let's say /secureServet/*):

Security constraint A:

<auth-constraint />

Security constraint B:

<auth-constraint>
<role-name>*</role-name>
</auth-constraint>

How will the resulting table be defined? With nobody or everybody?


Marco Tedone<br />SCJP1.4,SCJP5,SCBCD,SCWCD
Jose Esteban
Ranch Hand

Joined: Nov 28, 2004
Posts: 102
The Servlet 2.4 (SRV.12.8.1) spec says:
"The special case of an authorization constraint that names no roles shall combine with any other constraints to override their affects and cause access to be precluded."

So the answer is NOBODY.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Question about auth-constraint
 
Similar Threads
HFS Mock Exam - Q29 - Is the question correct? - Auth-constraint
Doubt in Auth-Constraint
Doubt about auth-constraint
doubt in auth-constraint
<auth-constraint>