Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

<security-role-ref> comes under which tag??

 
Poonam Agarwal
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Consider the follwing XML fragment occuring in web.xml of a webapp.


I have seen this code in the Enthuware mock . I wonder if <security-role-ref> element comes under a <servlet> element in web.xml file?
Is this the way to map hard coded role name to actual role name (vendor specific) for particular servlet OR something else.

Please make me understand me.

Thanks in Advance

 
Christophe Verré
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I wonder if <security-role-ref> element comes under a <servlet> element in web.xml file?

Yes it does. So that a reference to a role can be used in a servlet.

Is this the way to map hard coded role name to actual role name (vendor specific) for particular servlet OR something else.

This way, the person who makes does not have to know about the real role name. For example, it can call isUserInRole("BOSS") without taking care if the role exists or not. The link between this "fake" role, and the real role name is done in the descriptor, as described in the example.
It also allows to deploy the same application in different environment. In one environment, "BOSS" might be associated to "manager", but in another one, it might be associated to "evil" ;) The link can be changed in the descriptor, without changing the code.
 
Poonam Agarwal
Ranch Hand
Posts: 324
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Christophe
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic