tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike La Budde <>
Subject role-based security how to?
Date Wed, 13 Dec 2000 17:18:05 GMT
I'm a bit at a loss as to how I'm supposed to configure the role-based 
security in my webapp's web.xml file.

Consider the following scenario for my webapp:

area 				roles
/pages/customers/* 		sales,admin
/pages/orders/*		sales,clerks,admin
/pages/products/* 		clerks,admin

It's easy to configure multiple web-resource-collections for this, e.g.

The following:


seems to allow anyone with the role of admin to access all of the specified 
web-resource-collections (which is fine in this example);
But how do I configure the other roles (sales & clerks) to only have access 
to a specified web-resource-collection??

Any help would be greatly appreciated!



View raw message