On Mon, May 5, 2008 at 3:52 PM, Masen J <
masenjabban@...> wrote:
> <security-constraint>
> If my app is /myApp and there I have a folder named "auth"..then I have to
> change
> <url-pattern>/java-authentication/</url-pattern>
>
> to
>
> <url-pattern>/myApp/</url-pattern> right?
No: the <url-pattern> tells you what path you want to protect. If
users try to access a URL that matches that pattern, the servlet
container will make sure they have logged in and have the appropriate
role.
> But how can I use different/more than one <security-constraint>`s ???
So you might want to say that <url-pattern>/admin</url-pattern>
requires a "special" admin role, while some other path
<url-pattern>/view</url-pattern> only requires a "user" role. This way
you can have two types of users. But both will use the same login page
which you configure with <login-config>. This means you'll always have
just one <login-config>, but you can have multiple
<security-constraint>.
Alex
--
Orbeon Forms - Web 2.0 Forms, open-source, for the Enterprise
Orbeon's Blog:
http://www.orbeon.com/blog/Personal Blog:
http://avernet.blogspot.com/Twitter -
http://twitter.com/avernet--
You receive this message as a subscriber of the
ops-users@... mailing list.
To unsubscribe: mailto:
ops-users-unsubscribe@...
For general help: mailto:
sympa@...?subject=help
OW2 mailing lists service home page:
http://www.ow2.org/wws
