This week's book giveaway is in the Artificial Intelligence forum.
We're giving away four copies of Pragmatic AI and have Noah Gift on-line!
See this thread for details.
Win a copy of Pragmatic AI this week in the Artificial Intelligence forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Jeanne Boyarsky
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
Sheriffs:
  • Paul Clapham
  • Junilu Lacar
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Ganesh Patekar
  • Tim Moores
  • Pete Letkeman
  • Stephan van Hulst
Bartenders:
  • Carey Brown
  • Tim Holloway
  • Joe Ess

[jdiscuss][mock][question]  RSS feed

 
Ranch Hand
Posts: 431
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi friends
I got a question as follows:



My answer was B. But the answer given was A. How it is possible?. As far as I know if we use the name given in <role-link> directly in the isUserInRole() method then it should directly map to the role. Am I right?
 
Ranch Hand
Posts: 951
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

<security-role-ref>
<role-name>manager</role-name>
<role-link>supervisor</role-link>
</security-role-ref>



<security-role-ref> element, combined with <security> element can link a security role name used in a servlet as the argument to HttpServletRequest.isUserInRole() method to a role name known by the web container. All role names definded by <security-role> elements must be mapped to users and/or groups known by the web container. How this is done is container dependent. The <security-role-element> allows you to use servlet that uses a role name in the isUserRole() method that is not defined by a <security-role> elemnt. A typical scenario where this can be useful is whem you combine servlets from different sources into one application, and the servlets use different role names for tyhe same logical role.

So I think the given answer is correct.

Thanks
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!