• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

Is auth-constraint related to security-role?

 
Ranch Hand
Posts: 59
Hibernate Redhat Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have searched HFS&J and Mikalai Zaikin's Notes and still don't understand this concept. Maybe the answer is there and I just missed it but:

Is the <role-name> element in <auth-constraint> related to the <role-name>
element in <security-role> ?


Edited to include a code example:




Thanks
[ October 15, 2006: Message edited by: Rick Roberts ]
 
Ranch Hand
Posts: 356
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hello,

yes. Normally in auth-constraint only roles which are declared using security-role would be used.

Kai
 
Rick Roberts
Ranch Hand
Posts: 59
Hibernate Redhat Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Does that mean that a <security-role> <role-name> is required before you can use <auth-constraint> <role-name> ?
 
Kai Witte
Ranch Hand
Posts: 356
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hello,

without the security-role declaration the container would normally not be able to (or is not allowed to be able to?) map the role names in the auth-constraint to the ones that are set up in the container-specific configuration.

I recommend to just set up such a system, for example with the Tomcat MemoryRealm.

Kai
 
Rick Roberts
Ranch Hand
Posts: 59
Hibernate Redhat Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have set it up in my tomcat and I still don't get it.

It doesn't work the way that I expect it would I will probably be able to figure it out. I may have to reference the tomcat docs.

But more importantly, I don't think that HFS&J nor Mikalai's notes gives enough info to understand how this works.
 
pie. tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic