Does this means that, the combination of empty auth constraint and auth constraint with * gives access to all?
I am thinking that empty constraint prevents access to all as per HFSJ
Sai Surya, SCJP 5.0, SCWCD 5.0, IBM 833 834
http://sai-surya-talk.blogspot.com, I believe in Murphy's law.