Last week, we had the author of TDD for a Shopping Website LiveProject. Friday at 11am Ranch time, Steven Solomon will be hosting a live TDD session just for us. See for the agenda and registration link
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

security-constraint issue?

 
Ranch Hand
Posts: 47
Netbeans IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


What happens with code combinations 1 and 2, 1 and 3,2 and 3.

Answer
Although the first auth-constraint is empty, implying no one will have access to the resource, this is cancelled out by the second auth-constraint that will allow anyone to access the resource.

I thought that empty auth-constraint always wins and no one will have access...
from Ref
 
Sheriff
Posts: 9692
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Kosala please Quote Your Sources when you post a question.

The 1st part of the web.xml is actually not valid. There's a role-name tag outside the auth-constraint element. If there is an empty auth-constraint element, then it will override other auth-constraint elements for the same resource i.e. no one will be allowed (as you said)...
 
Kosala W.Abayagunawardene
Ranch Hand
Posts: 47
Netbeans IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ankit Garg wrote:Kosala please Quote Your Sources when you post a question.

The 1st part of the web.xml is actually not valid. There's a role-name tag outside the auth-constraint element. If there is an empty auth-constraint element, then it will override other auth-constraint elements for the same resource i.e. no one will be allowed (as you said)...



Sorry about that.Its from Marcus Green Mock Exams,SCWCD Summary Quiz 1, question 6.Yes.I thought the same as 1 is wrong.what will append if is taken out from 1.thanks
 
Ankit Garg
Sheriff
Posts: 9692
42
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

what will append if <role-name>manager</role-name>is taken out from 1.


I already answered that

Ankit Garg wrote:If there is an empty auth-constraint element, then it will override other auth-constraint elements for the same resource i.e. no one will be allowed (as you said)...

 
Kosala W.Abayagunawardene
Ranch Hand
Posts: 47
Netbeans IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ankit Garg wrote:
I already answered that



Thanks
 
He's dead Jim. Grab his tricorder. I'll get his wallet and this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic