wood burning stoves*
The moose likes Servlets and the fly likes <security-constraint> element Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "&lt;security-constraint&gt; element " Watch "&lt;security-constraint&gt; element " New topic

&lt;security-constraint&gt; element

Hamzah khammash

Joined: Jan 05, 2012
Posts: 23

I have question about <security-constraint> element in case i have 2 <security-constrain> elements one of them have <auth-constraint> element and its cover all roles and the
other <security-constrain> have <auth-contraint/> elements with no role selected and both of them have the same resource and <url-patteren>
in this case which <security-constrain> will execute ?
shivam singhal
Ranch Hand

Joined: Jul 15, 2012
Posts: 215

In the above mentioned case none of the defined role can excess the resource via the Http-method mentioned in the 2nd <security-constraint>
It is sorta covered in the JavaRanch Style Guide.
subject: &lt;security-constraint&gt; element
Similar Threads
multiple security-constraint elements interaction
auth-constraint doubt
No of <auth-constraint> tags
HFS exercise on page 658
Authorisation related