• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

Mandatory elements inside <security-constriant>?

 
Ranch Hand
Posts: 209
Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello ranchers i am having huge confusion regarding the mandatory elements inside the <security-constriant> element.
Now i am gonna note down following points please correct me if i am wrong

1.<web-resource-collection> is a mandatory element.
- Inside <web-resource-collection>
a.<web-resource-name> is mandatory
b.<url-pattern> is mandatory
c.<http-method> is optional

-<auth-constriant> is optional
-<user-data-constraint> is optional
-<transport-guarantee> is optional

2 <login-config> is optional

Please correct me if i am WRONG in the above statements
--------------------------------------------------------------------------------------------------
Now my second question is how many instance of each element can be present ?
<web-resource-collection> can be 1 to many
<url-pattern> can be 1 to many
<http-method> can be 0 to many
<auth-constriant> can be 0 to 1
<user-data-constraint> can be 0 to 1
<transport-guarantee> can 0 to 1

Please correct me if i am WRONG in the above statements
--------------------------------------------------------------------------------------------------

If i have missed anything above your valuable suggestions are really welcomed,will help me understand the concept better

P.S i have tried reading specs but i am not able to understand so i decided to count on you guys as you always do help me

Regards,
Sagar

 
Greenhorn
Posts: 15
Eclipse IDE MySQL Database Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi sagar,

I think <login-config> element is mandatory because a user needs to be authenticated before the authorization is done.

If you are following HFSJ , then page 666 provides a good idea.
 
Sagar Shroff
Ranch Hand
Posts: 209
Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

shailesh thakur wrote:Hi sagar,

I think <login-config> element is mandatory because a user needs to be authenticated before the authorization is done.

If you are following HFSJ , then page 666 provides a good idea.




Yes i am wrong login-config is mandatory in case where user needs to be authenticated.
Shailesh what are your views on the other's ? any idea ?
 
Creator of Enthuware JWS+ V6
Posts: 3346
303
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Check this SecurityConstraint of the xsd

1.<web-resource-collection> is a mandatory element.
- Inside <web-resource-collection>


Do you mean mandatory inside <security-constraint>? Yes, that is correct

a.<web-resource-name> is mandatory
b.<url-pattern> is mandatory
c.<http-method> is optional

-<auth-constriant> is optional
-<user-data-constraint> is optional


Correct

<transport-guarantee> is optional


No, if you have a <user-data-constraint>, then the <transport-guarantee> is mandatory

2 <login-config> is optional


Correct, it doesn't have to be there

<web-resource-collection> can be 1 to many
<url-pattern> can be 1 to many
<http-method> can be 0 to many
<auth-constriant> can be 0 to 1
<user-data-constraint> can be 0 to 1


Correct

<transport-guarantee> can 0 to 1


<transport-guarantee> should be 1 ( inside the user-data-constraint)

Regards,
Frits
 
Sagar Shroff
Ranch Hand
Posts: 209
Tomcat Server Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks again !

Regards Sagar.
 
this llama doesn't want your drama, he just wants this tiny ad for his mama
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic