Win a copy of Spring Boot in Practice this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Liutauras Vilda
  • Henry Wong
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Mikalai Zaikin
  • Himai Minh

Programatic Security?

 
Ranch Hand
Posts: 10198
3
Mac PPC Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Guys,

Will there be questions on programatic security on the exam??
 
Ranch Hand
Posts: 643
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For programatic security you should know everything about
request.isUserInRole(String role)
 
Ranch Hand
Posts: 1277
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes..
in a nutshell..

request.isUserInRole("manager");

<security-role-ref>
<role-link>manager</role-link>
<role-name>admin</role-name>
</security-role-ref>

the whold thing in programatic security is that we can use to authorize the user on some specific portions of a method, and also we can use it to map the hard coded roles in the servlet, to those that actually mean something to us..! in other words, "manager" was the role that made sense to some developer who wrot the security code, but when we inherited his code, our company has "admin" role which is equivalent to the role called "manager"
this helps us to avoid going around all the servlets and change the "manager" to admin"

hth
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic