• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Doubt in Security contraints  RSS feed

 
Ranch Hand
Posts: 240
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have an doubt when more than one <url-pattern> elements overlap.
If a <secutiry-constraint> element has no <auth-constraint> element, everyone can accesses the resource.

If a <secutiry-constraint> element has a empty <auth-constraint> element,
no one can accesses the resource.

But if both exits ? What will happen ?
Here�s a snippet.




Regards,
 
Ranch Hand
Posts: 128
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As I know empty one - <auth-constraint/> is ALWAYS WIN.
 
Ranch Hand
Posts: 1066
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have an doubt when more than one <url-pattern> elements overlap.
If a <secutiry-constraint> element has no <auth-constraint> element, everyone can accesses the resource.

If a <secutiry-constraint> element has a empty <auth-constraint> element, no one can accesses the resource.
But if both exits ? What will happen ?

Serghei is right. In this case, nobody can access the resource!

Refer HF book, Chap 12, page: 639 (Dueling <auth-constraint> elemets table)
 
Eusebio Floriano
Ranch Hand
Posts: 240
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, i�ll take a look.

Thx a lot.

Regards,
 
Ranch Hand
Posts: 172
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yeah....no one can access the resource....
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!