aspose file tools*
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes dueling auth-constraint element Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "dueling auth-constraint element" Watch "dueling auth-constraint element" New topic
Author

dueling auth-constraint element

A. Aka
Ranch Hand

Joined: Sep 08, 2012
Posts: 52
Hi,

in JFSJ page 671, when two <security-constraint> element have an overlapping, how the container will solve access if he finds this


Thanks,
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1712
    
  25

Straight from the specs:

Servlet 2.4 12.8.1 Combining Constraints
Servlet 3.0 13.8.1 Combining Constraints
The special case of an authorization constraint that names no roles shall combine with any other constraints to override their affects and cause access to be precluded.

Regards,
Frits
A. Aka
Ranch Hand

Joined: Sep 08, 2012
Posts: 52
to sum up, no one will have access the constrained resource
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1712
    
  25

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: dueling auth-constraint element