Hi,
We are using BASIC and the default JRun security model. Our program
is consisited of one servlet and different data for different customers.
Each different customer is mapped to a different name. We also define
url-pattern to consist the mapped name (eg. /coke/*). We also define roles,
groups and
uses,etc. But when we tried to access the page using
http://machinename/coke/servlet/MyServlet?name=coke, it let us in
without any checking. But if we changed the url-pattern to either * or
/servlet/*, it does do the checking with the user-password dialog box
popping up. Does anyone have any experience with it? Any comments
are appreciated!
Thanks,
Kaisheng Du
Netscout System
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
