aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Confirmation required about <security-role> element. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Confirmation required about <security-role> element." Watch "Confirmation required about <security-role> element." New topic
Author

Confirmation required about <security-role> element.

Abimaran Kugathasan
Ranch Hand

Joined: Nov 04, 2009
Posts: 2066

In a Web application, what is the usage of <!ELEMENT security-role (description?, role-name)>? If I don't declared the roles used in the web application, what is the impact?

Just to inform the container, that these are the roles used in the application?

Thanks!


|BSc in Electronic Eng| |SCJP 6.0 91%| |SCWCD 5 92%|
Parth Twari
Ranch Hand

Joined: Jan 20, 2010
Posts: 163
Just to inform the container, that these are the roles used in the application?


yes

if you dont tell container about roles used in application then the things such as isUserinRole and <auth-constraint><role-name>
won't recognize the roles.


Parth Tiwari
| Pursuing Bachelor of Engineering | OSUM Club Leader | SCJP 6 | SCWCD 5 |...
Abimaran Kugathasan
Ranch Hand

Joined: Nov 04, 2009
Posts: 2066

Thanks Parth, Don't the server get them from the Database, if it used?
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1734
    
  25

Don't the server get them from the Database, if it used?

When designing a web-app you will have to think of the different actors involved in your use-cases. These groups of users you will have to make available to the container by using the <security-role> element.

How you map explicit users to a role-name is typically done by storing that information (user and roles) in a database. This is however not necessary, in tomcat, you can define them in a simple property file (tomcat-users.xml)

Regards,
Frits
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Confirmation required about <security-role> element.