This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Neat Way of Writing my web.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Neat Way of Writing my web.xml" Watch "Neat Way of Writing my web.xml" New topic

Neat Way of Writing my web.xml

Dean Chester
Ranch Hand

Joined: Jul 26, 2009
Posts: 31
I Currently have my web.xml file looking like this:

Before I had this yet i need to keep reauthorizing my self:

So i ask is there anyway i can get this to work?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15949

Yow! I'm all for container-based security, but this is a bit much. Did you assign a unique security role for each user?

About the most number of roles I've ever needed was 8. Something like: anonymous (not logged in), user, app_administrator, sysadmin, programmer, auditor, data_loader, scoring_table_modiifier and querent.

If I really needed more distinct roles than that, I'd probably do them fine-grained and add supporting logic.

I also normally zone out my URLs. For example, all admin functionality is under /admin, so that I can do a pattern-matched rule check rather than a rule for each discrete URL.

Customer surveys are for companies who didn't pay proper attention to begin with.
wood burning stoves
subject: Neat Way of Writing my web.xml
Similar Threads
Keep having to login with container based authentaction.
web.xml security constraint won't work with roles
request. get User Principal(). getName() do not retreive user name
Form Authentication not working
Redirection after realm authentication