This week's book giveaway is in the OO, Patterns, UML and Refactoring forum.
We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line!
See this thread for details.
The moose likes Servlets and the fly likes declarative authorization not working Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

JavaRanch » Java Forums » Java » Servlets
Bookmark "declarative authorization not working" Watch "declarative authorization not working" New topic

declarative authorization not working

ankur rathi
Ranch Hand

Joined: Oct 11, 2004
Posts: 3830

This is my web.xml:













Where these three roles are present in my tomcat-users.xml. No other role is there in tomcat-users.xml.

And I have a JSP restrict.jsp on root. When I access this JSP directly I shouldn't be allowed. As no <role-name> is present in <auth-constraint> means no role is allowed. But I can access this JSP. Why so?

[ June 02, 2007: Message edited by: ankur rathi ]
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link:
subject: declarative authorization not working
jQuery in Action, 3rd edition