tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Chandler <a...@chandlerfamily.org.uk>
Subject Re: Trouble understanding security constraints
Date Thu, 09 Feb 2006 07:25:54 GMT
On Thursday 09 February 2006 04:05, Bill Barker wrote:
> "Alan Chandler" <alan@chandlerfamily.org.uk> wrote in message
> news:200602082320.35930.alan@chandlerfamily.org.uk...
...
> This works correctly in TC 5.x.  You need to reverse the order for TC 4.1.x
> (this is due to a change in the respective versions of the servlet spec
> they implement).
>
> > <security-constraint>
> >    <web-resource-collection>
> >      <web-resource-name>
> >        Valid Users
> >      </web-resource-name>
> >      <url-pattern> /* </url-pattern>
> > </web-resource-collection>
> >    <auth-constraint>
> > <role-name>*</role-name>
> >    </auth-constraint>
> > </security-constraint>
> >
> > <security-constraint>
> >    <web-resource-collection>
> >      <web-resource-name>
> >        Site Admin
> >      </web-resource-name>
> >      <url-pattern> /admin/* </url-pattern>
> > </web-resource-collection>
> >    <auth-constraint>
> > <role-name>admin</role-name>
> >    </auth-constraint>
> > </security-constraint>
> >
Since I am doing everything for TC 4.1.3 (Debian Stable) and just to be clear, 
do you mean the following (ie swapping round the security-constraints)

<security-constraint>
    	<web-resource-collection>
      		<web-resource-name> 
        		Site Admin 
      		</web-resource-name>
      		<url-pattern> /admin/* </url-pattern>
		</web-resource-collection>
    	<auth-constraint>
			<role-name>admin</role-name>
    	</auth-constraint>
</security-constraint>
<security-constraint>
    	<web-resource-collection>
      		<web-resource-name> 
        		Valid Users 
      		</web-resource-name>
      		<url-pattern> /* </url-pattern>
		</web-resource-collection>
    	<auth-constraint>
			<role-name>*</role-name>
    	</auth-constraint>
</security-constraint>

Otherwise thank you very much that was very clear.
-- 
Alan Chandler
http://www.chandlerfamily.org.uk
Open Source. It's the difference between trust and antitrust.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message