<security-constraint>
<web-resource-collection>
<web-resource-name>programmer</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/programmer.jsp</url-pattern>
<url-pattern>/parseRequestP.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>users</role-name>
<role-name>projectchefs</role-name>
</auth-constraint>
</security-constraint>
i.e. both roles in one constraint.
Truong Di Ly wrote:
Hi Experts,I have this problem:
Principals of role users can be authenticated, but not principals of
role projectchefs.web.xml :
---------<!--1.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>programmer</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/programmer.jsp</url-pattern>
<url-pattern>/parseRequestP.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>users</role-name>
</auth-constraint>
</security-constraint><!--2.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>projectchef</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/projectchef.jsp</url-pattern>
<url-pattern>/parseRequestPC.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>projectchefs</role-name>
</auth-constraint>
</security-constraint><!--3.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/admin.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>If I change 1. <security-constraint> with 2.<security-constraint>
then principals of role projectchefs can be authenticated, but not
principals of role users.web.xml:
--------<!--2.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>projectchef</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/projectchef.jsp</url-pattern>
<url-pattern>/parseRequestPC.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>projectchefs</role-name>
</auth-constraint>
</security-constraint><!--1.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>programmer</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/programmer.jsp</url-pattern>
<url-pattern>/parseRequestP.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>users</role-name>
</auth-constraint>
</security-constraint><!--3.<security-constraint>-->
<security-constraint>
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/admin.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>administrators</role-name>
</auth-constraint>
</security-constraint>
-- David Smith Software Development Manager e-Net Software Ltd [EMAIL PROTECTED]