• Post Reply Bookmark Topic Watch Topic
  • New Topic

Authorization  RSS feed

 
Satyajeet Kadam
Ranch Hand
Posts: 224
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what is flow during authorization.In tomcat-users.xml we are defining roles and creating users and assigning roles to them.
Q1) Suppose client is accessing specfic servlet that requires authorization
which file does continer checks?tomcat-users.xml or <web.xml>
Q2) how both files are related in terms of authorization.
 
Michael Ku
Ranch Hand
Posts: 510
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Each container uses different mechanisms to map users to their password and roles. These mechanisms are beyond the scope of the exam. Tomcat gives you a simple way of mapping users/passwords/roles. You can use tomcat-users.xml for testing using tomcat. Other containers do not use this file/mechanism. HFSJ book references this tomcat file/mechanism to allow you an easy way of testing the various settings that can be configured in web.xml and I encourage you to test out various scenarios in order to more easily learn the security settings that you will need to know for the exam

But it is the settings in web.xml that you will need to concentrate on for the exam.

If you set up some tests and they either do not work the way you expect or you do not understand the result and have questions (doubts), I would be happy to help you.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!