File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes declarative authorization not working Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "declarative authorization not working" Watch "declarative authorization not working" New topic

declarative authorization not working

ankur rathi
Ranch Hand

Joined: Oct 11, 2004
Posts: 3830

This is my web.xml:













Where these three roles are present in my tomcat-users.xml. No other role is there in tomcat-users.xml.

And I have a JSP restrict.jsp on root. When I access this JSP directly I shouldn't be allowed. As no <role-name> is present in <auth-constraint> means no role is allowed. But I can access this JSP. Why so?

[ June 02, 2007: Message edited by: ankur rathi ]
I agree. Here's the link:
subject: declarative authorization not working
It's not a secret anymore!