aspose file tools
The moose likes Tomcat and the fly likes Overlapping security constraints Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Reply Bookmark "Overlapping security constraints" Watch "Overlapping security constraints" New topic
Author

Overlapping security constraints

Greg Donahue
Greenhorn

Joined: Oct 07, 2003
Posts: 24
posted private message
0
Quote
Hi,
Does anyone know where in the Tomcat 4 documentation I can find details on creating "overlapping" security constraints? What I'm trying to do is guard URL patterns of the form:
/root
and
/root/*
from everyone except users with role "general_user", but then I also want to put added protections on URL patterns of the form:
/root/username/private
and
/root/username/private/*
so that these resources are guarded from everyone except users with role "specific_user:username". I know how to create roles and security constraints in my app's memory realm and the web.xml, but when I tried to do the above, the "general_user" users are allowed to access files in /root/username/private. Does anyone know what I should do?
Thanks,
Greg

vi veri veniversum vivus vici
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: Overlapping security constraints
 
Similar Threads
Studying HeadFirst book: cannot make authentification
How to set a user's role
howto config two security-constraints?
access control with realm db
security constraints - login doesnt work