• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security-role question

 
Rick Roberts
Ranch Hand
Posts: 59
Hibernate Java Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are these 2 methods for doing <security-role> both legal and equivalent?

Method 1:



Method2:
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I found this fragment of text in the specs.

"The role-name used here must either correspond
to the role-name of one of the security-role elements
defined for this web application, or..."

Also... the DD pictorial diagram showed the security-role tag to have 0 or more occurances. So both are legal.
 
Rick Roberts
Ranch Hand
Posts: 59
Hibernate Java Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was searching this forum for another (but related) question and came across these 2 discussions which seem to contradict multiple <role-name> elements in the <security-role> element.

security-role question (HFS related)

> 1 role-name in security-role

Anyone else care to weigh in and help clarify this?
 
Daniel Dalton
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can have ONE role name per security-role, because that's what the schema says.

The relevant extract from the schema at j2ee_1.4 is:


<!-- ****************************************************
-->
- <xsd:complexType name="security-roleType">
- <xsd:annotation>
- <xsd ocumentation>
- <![CDATA[

The security-roleType contains the definition of a security
role. The definition consists of an optional description of the
security role, and the security role name.

Example:

<security-role>
<description>
This role includes all employees who are authorized
to access the employee service application.
</description>
<role-name>employee</role-name>
</security-role>



]]>
</xsd ocumentation>
</xsd:annotation>
- <xsd:sequence>
<xsd:element name="description" type="j2ee escriptionType" minOccurs="0" maxOccurs="unbounded" />
<xsd:element name="role-name" type="j2ee:role-nameType" />
</xsd:sequence>
<xsd:attribute name="id" type="xsd:ID" />
</xsd:complexType>



So you can have as many <description> elements as you like, but only one <role-name> per <security-role>

Hope that helps.
[ October 15, 2006: Message edited by: Daniel Dalton ]
 
Rick Roberts
Ranch Hand
Posts: 59
Hibernate Java Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yep. Your right and I did not look at the HFS&J errata beforehand which answers this question definatively.


[632] The last XML on the page;

the DD-XML:

<security-role>
<role-name>Admin</role-name>
<role-name>Member</role-name>
<role-name>Guest</role-name>
</security-role>

should read:

<security-role>
<role-name>Admin</role-name>
</security-role>
<security-role>
<role-name>Member</role-name>
</security-role>
<security-role>
<role-name>Guest</role-name>
</security-role>

According to the servlet 2.4 spec, page 145 (13.4.19),
<role-name> is allowed only once within a <security-role>
element.




Thanks for the replys folks.
 
Deepak Bala
Bartender
Posts: 6663
5
Firefox Browser Linux MyEclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ahhh... I didnt know this was errata and it looks to be a big one. I was referring to the multiple <security-role> elements being valid but never looked up the <role-name> element. I thought, since its in the HF book, it must be true !
 
Senthil Kumar
Ranch Hand
Posts: 264
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But having more than one <role-name> inside a <security-role> does works for me.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic