Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

[jdiscuss][mock][question]

 
S.L.Narayanan
Ranch Hand
Posts: 431
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi friends
I got a question as follows:



My answer was B. But the answer given was A. How it is possible?. As far as I know if we use the name given in <role-link> directly in the isUserInRole() method then it should directly map to the role. Am I right?
 
Narendra Dhande
Ranch Hand
Posts: 951
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

<security-role-ref>
<role-name>manager</role-name>
<role-link>supervisor</role-link>
</security-role-ref>


<security-role-ref> element, combined with <security> element can link a security role name used in a servlet as the argument to HttpServletRequest.isUserInRole() method to a role name known by the web container. All role names definded by <security-role> elements must be mapped to users and/or groups known by the web container. How this is done is container dependent. The <security-role-element> allows you to use servlet that uses a role name in the isUserRole() method that is not defined by a <security-role> elemnt. A typical scenario where this can be useful is whem you combine servlets from different sources into one application, and the servlets use different role names for tyhe same logical role.

So I think the given answer is correct.

Thanks
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic