tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From philguillard <philguill...@gmail.com>
Subject realm diiferent constraint for different resource
Date Mon, 02 Jan 2006 08:42:28 GMT
Hi,

I'd like to set 2 different security contraints :  /admin would be 
accessible with admin roles and the rest of my application with user 
roles. Only one security-constraint directive is allowed
How can i manage that ?

Rgards,

Phil

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Entire Application</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
      <role-name>user</role-name>
  </auth-constraint>
</security-constraint>

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Admin</web-resource-name>
    <url-pattern>/admi*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
      <role-name>admin</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>foo</realm-name>
</login-config>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message