| Author |
Doubt in Auth-Constraint
|
Padma priya Gururajan
Ranch Hand
Joined: Oct 05, 2006
Posts: 411
|
|
<security-constraint>
....
<auth-constraint>
<role-name>Member<role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
...
<auth-constraint/>
</security-constraint>
My doubt is who is given access?
Thanks in advance.
|
Padma priya N.G.
Be the change you want to be - Mahatma Gandhi
|
 |
Khadija Lokhandwala
Ranch Hand
Joined: Sep 11, 2007
Posts: 33
|
|
Hi,
when any role name is combined with an empty <auth-constraint/> tag, no one is given access.
So , in your case no one (not even Member) can access it.
Thanks
|
If you ask me anything I don't know, I'm not going to answer.<br />--Yogi Berra
|
|
Joe Harry
Ranch Hand
Joined: Sep 26, 2006
Posts: 8795
|
|
|
This is very clearly explained in the Head First in the security chapters.
|
SCJP 1.4, SCWCD 1.4 - Hints for you, SCBCD Hints - Demnachst, SCDJWS - Auch Demnachst
Did a rm -R / to find out that I lost my entire Linux installation!
|
|
Sandeep Vaid
Ranch Hand
Joined: Feb 27, 2006
Posts: 390
|
|
If the same url (resource) are constrained, then only no one will be able to access the constrained resource..
|
|
 |
|
|
subject: Doubt in Auth-Constraint
|
|
|
0
