aspose file tools*
The moose likes Tomcat and the fly likes security.xml file Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "security.xml file" Watch "security.xml file" New topic
Author

security.xml file

Vanchi Nathan
Ranch Hand

Joined: Feb 24, 2004
Posts: 107
Is there a xml file called "security.xml" that can be define to do security for an web application?
If so, where can i find the details of those elements that can be used in the security.xml file?
thanks in advance
vanchin


Best regards,<br /> <br />vanchin
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12823
    
    5
Are you talking about security in terms of what an application is allowed to do, or in terms of what an individual user is allowed to do?
You might look at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/index.html this tomcat documentation for several security related topics and the implementation in Tomcat.
Bill
Vanchi Nathan
Ranch Hand

Joined: Feb 24, 2004
Posts: 107
Hello,
Actually, I got a webapplication (war file); in it there is a "security.xml" file in 'WEB-INF' folder. The xml file contains the following contents...i don't know whether this configuration is correct... the "security.xml" contents is as follows:
-----------------
<security>
<security-bypass>
<url-pattern>/do/login</url-pattern>
<url-pattern>/do/notAuthorized</url-pattern>
</security-bypass>
<security-constraint>
<display-name>XPlanner View Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Viewing</web-resource-name>
<url-pattern>/do/view/*</url-pattern>
<url-pattern>/do/export/*</url-pattern>
<url-pattern>/do/edit/person</url-pattern>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>viewer</role-name>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>XPlanner Edit Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Editing</web-resource-name>
<url-pattern>/do/edit/*</url-pattern>
<url-pattern>/do/delete/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>editor</role-name>
</security-role>
<security-role>
<role-name>viewer</role-name>
</security-role>
<security-role>
<role-name>admin</role-name>
</security-role>
</security>
---------------
So, pl. help me to understand usage of this file...
thanks
 
 
subject: security.xml file