• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Doubt about auth-constraint

 
Gowher Naik
Ranch Hand
Posts: 643
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


in above code what will happen when
<auth-constraint/>
and
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
will appear in same DD for same webapp?
 
Marcus Green
arch rival
Rancher
Posts: 2813
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What happens when you try to deploy that DD?
 
Siddharth Purandare
Ranch Hand
Posts: 101
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey Gower

Check the HF again. The golden rule says:

"When 2 different NON EMPTY <auth-constraint> elements apply to the same constrained resources access is granted to the union of all roles from both of the <auth-constraint> elements"

So in your case NOBODY has the access. remenber the word. NON EMPTY NON EMPTY NON EMPTY NON EMPTY
 
Marcus Green
arch rival
Rancher
Posts: 2813
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, don't check a book, actually deploy the code. What if there were an error in the book or a question that was supposed to illustrate this idea? You are far more likely to learn by doing than by reading.
 
Sayak Banerjee
Ranch Hand
Posts: 292
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well Marcus that's true as long as you're tryin' it out with a single <security-constraint> element in your Deployment Descriptor...it works fine....but I've run into a lotta problems when tryin' to combine 2 <security-constraint> elements ....you can check this thread posted by me....Combining security constraints
[ December 11, 2006: Message edited by: Sayak Banerjee ]
 
Marcus Green
arch rival
Rancher
Posts: 2813
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The reason I suggested trying it out was that I was experimenting with part of this issue only a couple of days ago, and as a result created a mock exam question that covered it. I only got as far as confirming that having a <auth-constraint/> means nobody gets to access the resource. I think that is as far as you need go on this for exam purposes.

I have taken to using the Tomcat built into Netbeans for most of these purposes, and it has a direct way to launch the Tomcat admin web application that allows you to manipulate users and roles. I'll describe further if you are interested.
Marcus
 
Sayak Banerjee
Ranch Hand
Posts: 292
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes Marcus...I'm interested in knowing more about it...also, it would be helpful if you let me know as to why this happening...Trust me, I've pondered long about it and finally gave up on it thinking that it would be a container specific issue....Please post your responses on this on the original thread HERE.....Thanks for showin' interest Marcus
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic