Yes - if the user had both roles, they would be able to access both of
the URLs.
On Apr 1, 2009, at 2:48 PM, Bruce Phillips wrote:
Thanks for the quick reply.
We may need to use permissions as you outlined.
However, if a user has both the role of student and of admin, can
that user then access the student URLs and the admin URLs:
[urls]
/students/** = authc, roles[student]
/admin/** = authc, roles[admin]
I don't have this web application setup yet so I cannot test it
myself right now. We are trying to determine how best to configure
the security given our requirements.
Bruce
--
View this message in context:
http://n2.nabble.com/Allowing-Multiple-Roles-To-Access-A-URL-tp2570736p2570909.html
Sent from the JSecurity User mailing list archive at Nabble.com.
