File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Doubt in Auth-Constraint Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Doubt in Auth-Constraint" Watch "Doubt in Auth-Constraint" New topic

Doubt in Auth-Constraint

Padma priya Gururajan
Ranch Hand

Joined: Oct 05, 2006
Posts: 437


My doubt is who is given access?

Thanks in advance.

Padma priya N.G.
Be the change you want to be - Mahatma Gandhi
Khadija Lokhandwala
Ranch Hand

Joined: Sep 11, 2007
Posts: 33
when any role name is combined with an empty <auth-constraint/> tag, no one is given access.
So , in your case no one (not even Member) can access it.

If you ask me anything I don't know, I'm not going to answer.<br />--Yogi Berra
Joe Harry
Ranch Hand

Joined: Sep 26, 2006
Posts: 10032

This is very clearly explained in the Head First in the security chapters.

SCJP 1.4, SCWCD 1.4 - Hints for you, Certified Scrum Master
Did a rm -R / to find out that I lost my entire Linux installation!
Sandeep Vaid
Ranch Hand

Joined: Feb 27, 2006
Posts: 392

If the same url (resource) are constrained, then only no one will be able to access the constrained resource..
I agree. Here's the link:
subject: Doubt in Auth-Constraint
It's not a secret anymore!