• Post Reply Bookmark Topic Watch Topic
  • New Topic

<auth-constraint/> and NO auth-constraint

 
Suhas Wadadekar
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I understand that if there are more than one <auth-constraint> in the DD, the following happens:

1. If there is an empty <auth-constraint/>, then it overrides other <auth-constraint/>, then it denies access to all
2. If there is no <auth-constraint> or an <auth-constraint> with a role name *, then it grants access to all


But what happens if case 1 and case 2 coexist? Who wins?

Suhas.
 
Lucas Smith
Ranch Hand
Posts: 808
1
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please, try searching. This question was asked multiple times.
 
Arnab Karmakar
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suhas Wadadekar wrote:Hi,

I understand that if there are more than one <auth-constraint> in the DD, the following happens:

1. If there is an empty <auth-constraint/>, then it overrides other <auth-constraint/>, then it denies access to all
2. If there is no <auth-constraint> or an <auth-constraint> with a role name *, then it grants access to all


But what happens if case 1 and case 2 coexist? Who wins?

Suhas.


it denies access to all
 
Suhas Wadadekar
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks.
 
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!