The errata from
http://www.oreilly.com/catalog/headservletsjsp/errata/headservletsjsp.confirmed says
==================
[637] Case 2;
The second row should not have Diane and Annie crossed out.
All of these users would have permission to use the webapp.
==================
Is this correct.
From the DD snippet shown for second row, it looks like only the "Guest" role should have access to the constrained request.
here is the DD snippet from the book.
=============================
<security-constraint>
<auth-constraint>
<role-name>Guest</role-name>
</auth-constraint>
</security-constraint>
=============================
thanks in advance for your time.
ram
[ April 24, 2005: Message edited by: s ramaswamy ]
[ April 24, 2005: Message edited by: s ramaswamy ]