File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes dueling auth-constraint element Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "dueling auth-constraint element" Watch "dueling auth-constraint element" New topic
Author

dueling auth-constraint element

A. Aka
Ranch Hand

Joined: Sep 08, 2012
Posts: 44
Hi,

in JFSJ page 671, when two <security-constraint> element have an overlapping, how the container will solve access if he finds this


Thanks,
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1518
    
  22

Straight from the specs:

Servlet 2.4 12.8.1 Combining Constraints
Servlet 3.0 13.8.1 Combining Constraints
The special case of an authorization constraint that names no roles shall combine with any other constraints to override their affects and cause access to be precluded.

Regards,
Frits
A. Aka
Ranch Hand

Joined: Sep 08, 2012
Posts: 44
to sum up, no one will have access the constrained resource
Frits Walraven
Creator of Enthuware JWS+ V6
Bartender

Joined: Apr 07, 2010
Posts: 1518
    
  22

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: dueling auth-constraint element
 
Similar Threads
Head first book mock exam doubt
<Security-role> in web.xml
Regarding Security Constraint
Mock question about <auth-constraint>
Difference between empty auth-constraint and no auth-constraint.