• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

<auth-constraint/> and NO auth-constraint

 
Suhas Wadadekar
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I understand that if there are more than one <auth-constraint> in the DD, the following happens:

1. If there is an empty <auth-constraint/>, then it overrides other <auth-constraint/>, then it denies access to all
2. If there is no <auth-constraint> or an <auth-constraint> with a role name *, then it grants access to all


But what happens if case 1 and case 2 coexist? Who wins?

Suhas.
 
Lucas Smith
Ranch Hand
Posts: 808
1
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please, try searching. This question was asked multiple times.
 
Arnab Karmakar
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suhas Wadadekar wrote:Hi,

I understand that if there are more than one <auth-constraint> in the DD, the following happens:

1. If there is an empty <auth-constraint/>, then it overrides other <auth-constraint/>, then it denies access to all
2. If there is no <auth-constraint> or an <auth-constraint> with a role name *, then it grants access to all


But what happens if case 1 and case 2 coexist? Who wins?

Suhas.


it denies access to all
 
Suhas Wadadekar
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic