| Author |
Is auth-constraint related to security-role?
|
Rick Roberts
Ranch Hand
Joined: Apr 07, 2005
Posts: 59
|
|
I have searched HFS&J and Mikalai Zaikin's Notes and still don't understand this concept. Maybe the answer is there and I just missed it but:
Is the <role-name> element in <auth-constraint> related to the <role-name>
element in <security-role> ?
Edited to include a code example:
Thanks
[ October 15, 2006: Message edited by: Rick Roberts ]
|
SCJP
"Stay on the path."
|
 |
Kai Witte
Ranch Hand
Joined: Jul 17, 2004
Posts: 354
|
|
hello,
yes. Normally in auth-constraint only roles which are declared using security-role would be used.
Kai
|
Kai Witte's business website Kai Witte's private homepage Mock exam / preparation kit reviews
|
|
Rick Roberts
Ranch Hand
Joined: Apr 07, 2005
Posts: 59
|
|
|
Does that mean that a <security-role> <role-name> is required before you can use <auth-constraint> <role-name> ?
|
|
Kai Witte
Ranch Hand
Joined: Jul 17, 2004
Posts: 354
|
|
hello,
without the security-role declaration the container would normally not be able to (or is not allowed to be able to?) map the role names in the auth-constraint to the ones that are set up in the container-specific configuration.
I recommend to just set up such a system, for example with the Tomcat MemoryRealm.
Kai
|
|
Rick Roberts
Ranch Hand
Joined: Apr 07, 2005
Posts: 59
|
|
I have set it up in my tomcat and I still don't get it.
It doesn't work the way that I expect it would I will probably be able to figure it out. I may have to reference the tomcat docs.
But more importantly, I don't think that HFS&J nor Mikalai's notes gives enough info to understand how this works.
|
|
 |
|
|
subject: Is auth-constraint related to security-role?
|
|
|
0
