I would like to set up my realm to allow folks in by userid not by
rolename.
I do not know what the tag for the web.xml file should be The following
is a sample security constraint.
The role names are working fine, but I need to say if a user is tony or
user is x then allow them in, but without the use of
roles.
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/jsp/security/protected/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area
-->
<!-- the following does not work because tony is a userid not a
rolename -->
<!-- what tag should I use to get this to work so userid tony
can access the application space? -->
<role-name>tony</role-name>
<role-name>marketing</role-name>
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>
Thanks,
Tony
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
