About Question enthuware.jwpv6.2.843 :
Posted: Mon May 08, 2017 4:13 am
Although it's required by the specification, practically it's vendor specific rule.
As example I used Apache Tomcat 8.5.11 and configured its realm to use tomcat-users.xml file where some roles and userNames are listed as following:
After that it's possible to use in your DD this roleName directly like this:
As example I used Apache Tomcat 8.5.11 and configured its realm to use tomcat-users.xml file where some roles and userNames are listed as following:
Code: Select all
<role rolename="tomcat"/>
Code: Select all
<security-constraint>
<web-resource-collection>
<web-resource-name>Context Parameters</web-resource-name>
<url-pattern>/contextParameters.jsp</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>INTEGRAL</transport-guarantee>
</user-data-constraint>
</security-constraint>