Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security.xml file

 
Vanchi Nathan
Ranch Hand
Posts: 107
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a xml file called "security.xml" that can be define to do security for an web application?
If so, where can i find the details of those elements that can be used in the security.xml file?
thanks in advance
vanchin
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13047
6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you talking about security in terms of what an application is allowed to do, or in terms of what an individual user is allowed to do?
You might look at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/index.html this tomcat documentation for several security related topics and the implementation in Tomcat.
Bill
 
Vanchi Nathan
Ranch Hand
Posts: 107
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
Actually, I got a webapplication (war file); in it there is a "security.xml" file in 'WEB-INF' folder. The xml file contains the following contents...i don't know whether this configuration is correct... the "security.xml" contents is as follows:
-----------------
<security>
<security-bypass>
<url-pattern>/do/login</url-pattern>
<url-pattern>/do/notAuthorized</url-pattern>
</security-bypass>
<security-constraint>
<display-name>XPlanner View Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Viewing</web-resource-name>
<url-pattern>/do/view/*</url-pattern>
<url-pattern>/do/export/*</url-pattern>
<url-pattern>/do/edit/person</url-pattern>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>viewer</role-name>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>XPlanner Edit Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Editing</web-resource-name>
<url-pattern>/do/edit/*</url-pattern>
<url-pattern>/do/delete/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>editor</role-name>
</security-role>
<security-role>
<role-name>viewer</role-name>
</security-role>
<security-role>
<role-name>admin</role-name>
</security-role>
</security>
---------------
So, pl. help me to understand usage of this file...
thanks
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic