Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security.xml file

 
Vanchi Nathan
Ranch Hand
Posts: 107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there a xml file called "security.xml" that can be define to do security for an web application?
If so, where can i find the details of those elements that can be used in the security.xml file?
thanks in advance
vanchin
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13074
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you talking about security in terms of what an application is allowed to do, or in terms of what an individual user is allowed to do?
You might look at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/index.html this tomcat documentation for several security related topics and the implementation in Tomcat.
Bill
 
Vanchi Nathan
Ranch Hand
Posts: 107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
Actually, I got a webapplication (war file); in it there is a "security.xml" file in 'WEB-INF' folder. The xml file contains the following contents...i don't know whether this configuration is correct... the "security.xml" contents is as follows:
-----------------
<security>
<security-bypass>
<url-pattern>/do/login</url-pattern>
<url-pattern>/do/notAuthorized</url-pattern>
</security-bypass>
<security-constraint>
<display-name>XPlanner View Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Viewing</web-resource-name>
<url-pattern>/do/view/*</url-pattern>
<url-pattern>/do/export/*</url-pattern>
<url-pattern>/do/edit/person</url-pattern>
<url-pattern>/index.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>viewer</role-name>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>XPlanner Edit Constraints</display-name>
<web-resource-collection>
<web-resource-name>XPlanner Editing</web-resource-name>
<url-pattern>/do/edit/*</url-pattern>
<url-pattern>/do/delete/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>editor</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>editor</role-name>
</security-role>
<security-role>
<role-name>viewer</role-name>
</security-role>
<security-role>
<role-name>admin</role-name>
</security-role>
</security>
---------------
So, pl. help me to understand usage of this file...
thanks
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic