Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Authorization

 
Satyajeet Kadam
Ranch Hand
Posts: 224
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what is flow during authorization.In tomcat-users.xml we are defining roles and creating users and assigning roles to them.
Q1) Suppose client is accessing specfic servlet that requires authorization
which file does continer checks?tomcat-users.xml or <web.xml>
Q2) how both files are related in terms of authorization.
 
Michael Ku
Ranch Hand
Posts: 510
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Each container uses different mechanisms to map users to their password and roles. These mechanisms are beyond the scope of the exam. Tomcat gives you a simple way of mapping users/passwords/roles. You can use tomcat-users.xml for testing using tomcat. Other containers do not use this file/mechanism. HFSJ book references this tomcat file/mechanism to allow you an easy way of testing the various settings that can be configured in web.xml and I encourage you to test out various scenarios in order to more easily learn the security settings that you will need to know for the exam

But it is the settings in web.xml that you will need to concentrate on for the exam.

If you set up some tests and they either do not work the way you expect or you do not understand the result and have questions (doubts), I would be happy to help you.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic