Re: Re: Help with login

On Mon, May 5, 2008 at 3:52 PM, Masen J <masenjabban@...> wrote:

 <security-constraint>

If my app is /myApp and there I have a folder named "auth"..then I have to

change

<url-pattern>/java-authentication/</url-pattern>

to

<url-pattern>/myApp/</url-pattern> right?

No: the <url-pattern> tells you what path you want to protect. If
users try to access a URL that matches that pattern, the servlet
container will make sure they have logged in and have the appropriate
role.

But how can I use different/more than one <security-constraint>`s ???

So you might want to say that <url-pattern>/admin</url-pattern>
requires a "special" admin role, while some other path
<url-pattern>/view</url-pattern> only requires a "user" role. This way
you can have two types of users. But both will use the same login page
which you configure with <login-config>. This means you'll always have
just one <login-config>, but you can have multiple
<security-constraint>.

Alex
--
Orbeon Forms - Web 2.0 Forms, open-source, for the Enterprise
Orbeon's Blog: http://www.orbeon.com/blog/
Personal Blog: http://avernet.blogspot.com/
Twitter - http://twitter.com/avernet

--
You receive this message as a subscriber of the ops-users@... mailing list.
To unsubscribe: ops-users-unsubscribe@...
For general help: sympa@...
OW2 mailing lists service home page: http://www.ow2.org/wws