RE: Problem using BASIC security mechanism!

Thu, 08 Feb 2001 20:34:28 -0800 

use <url-pattern>/*</url-pattern> will protect all the pages in that app.

-----Original Message-----
From: Kaisheng Du [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 07, 2001 1:17 PM
To: JRun-Talk
Subject: RE: Problem using BASIC security mechanism!


Thanks a lot, Lin, for your reply!

I use JRun 3.0 SP1. The thing is that we just want to distinguish
different web applications by their names. We define different
customs accessing the same servlet as different web apps. We just
want the security control at the application level. We don't
have the next level directory to look for. Can we still use the JRun
security model?

Kaisheng Du


>From: Lin Lin <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: JRun-Talk <[EMAIL PROTECTED]>
>Subject: RE: Problem using BASIC security mechanism!
>Date: Wed, 07 Feb 2001 10:55:38 -0500
>
>This depends on what version of jrun you are using.
>If you are using Jrun 3.0, the <url-pattern> should include your web
>applications name as part of the url-pattern. But if you are using Jrun3.0
>SP1, then you must not include your web app's name.
>i.e. if your web app is named webauth, and a directory under it named
>myjsps:
>for jrun 3.0, it should be <url-pattern>/webauth/myjsps</url-pattern>
>for jrun 3.0 SP1, it should be <url-pattern>/myjsps</url-pattern>
>
>-----Original Message-----
>From: Kaisheng Du [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, February 07, 2001 9:29 AM
>To: JRun-Talk
>Subject: Problem using BASIC security mechanism!
>
>
>
>Hi,
>
>We are using BASIC and the default JRun security model. Our program
>is consisited of one servlet and different data for different customers.
>Each different customer is mapped to a different name. We also define
>url-pattern to consist the mapped name (eg. /coke/*). We also define roles,
>groups and
>uses,etc. But when we tried to access the page using
>http://machinename/coke/servlet/MyServlet?name=coke, it let us in
>without any checking. But if we changed the url-pattern to either * or
>/servlet/*, it does do the checking with the user-password dialog box
>popping up. Does anyone have any experience with it?  Any comments
>are appreciated!
>
>Thanks,
>
>Kaisheng Du
>Netscout System
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Reply via email to