Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security-role & security-role-ref

 
NDP Prasad
Ranch Hand
Posts: 177
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
1. what is the difference between the <security-role-ref> and <security-role>?
 
Mark Garland
Ranch Hand
Posts: 226
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe <security-role> is used for defining the roles in your web app, and is used by the container to map its roles to those in your DD.

<security-role-ref> on the other hand is where declarative programmatic security has been used.
If request.isUserInRole("Boss") has been used, but your app has no declaration of a 'Boss' role because you have used 'Manager', you can use <security-role-ref> to tell the container that 'Boss' means 'Manager'.

Open to corrections on this one as I'm learning too!
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic