Two Laptop Bag*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes isUserInRole() clarification please Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "isUserInRole() clarification please" Watch "isUserInRole() clarification please" New topic
Author

isUserInRole() clarification please

Garlapati Ravi
Ranch Hand

Joined: Mar 05, 2008
Posts: 168
Hi All,

I was trying to understand the security related stuff which was there in web.xml in my project which i am working on, in a company.

they were doing request.isUserInRole("ViewPage"), to hide a perticular button.
But i dont see any entry in <security-role-ref> for "ViewPage" role in web.xml

i found an entry as below for "ViewPage",

no where in web.xml i found <security-role-ref> or <role-link> elements,
my question is, how come request.isUserInRole("ViewPage") is working ?

Regards,
Ravi


Ravi Kumar
SCWCD 5 - 89%, SCJP 1.4 - 90%
Musab Al-Rawi
Ranch Hand

Joined: Aug 06, 2007
Posts: 231
You will need the security-role-ref only in one case: if the developer is using his own names that don't map to roles defined in tomcat-users.xml. in this case you want to map the user defined roles used in the code to roles defined in realm.


SCBCD - SCWCD - SCJD - SCJP - OCA
 
Consider Paul's rocket mass heater.
 
subject: isUserInRole() clarification please
 
Similar Threads
role-link and role-name elements?
related to auth constraint
role-link and role-name elements?
Blocking jsp
Question on multiple security-constraint elements