This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Hi, Does anyone know where in the Tomcat 4 documentation I can find details on creating "overlapping" security constraints? What I'm trying to do is guard URL patterns of the form: /root and /root/* from everyone except users with role "general_user", but then I also want to put added protections on URL patterns of the form: /root/username/private and /root/username/private/* so that these resources are guarded from everyone except users with role "specific_user:username". I know how to create roles and security constraints in my app's memory realm and the web.xml, but when I tried to do the above, the "general_user" users are allowed to access files in /root/username/private. Does anyone know what I should do? Thanks, Greg