• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Programatic Security?

 
Joe Harry
Ranch Hand
Posts: 10128
3
Eclipse IDE Mac PPC Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Guys,

Will there be questions on programatic security on the exam??
 
Gowher Naik
Ranch Hand
Posts: 643
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For programatic security you should know everything about
request.isUserInRole(String role)
 
Niranjan Deshpande
Ranch Hand
Posts: 1277
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes..
in a nutshell..

request.isUserInRole("manager");

<security-role-ref>
<role-link>manager</role-link>
<role-name>admin</role-name>
</security-role-ref>

the whold thing in programatic security is that we can use to authorize the user on some specific portions of a method, and also we can use it to map the hard coded roles in the servlet, to those that actually mean something to us..! in other words, "manager" was the role that made sense to some developer who wrot the security code, but when we inherited his code, our company has "admin" role which is equivalent to the role called "manager"
this helps us to avoid going around all the servlets and change the "manager" to admin"

hth
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic