Hi, I'm using Ki in an unusual way (with configuration in XML file instead of Web.xml ini-file-like conf). That's not the point (all is working well), but trying different scenarios, i found a weird behaviour.
Let's say there is in the conf file a line like this : /blabla/** = authc, roles[admin,superadmin] In my mind, this means : (authenticated) user with admin role OR superadmin role may access to /blabla/** I fact, it seems to be : user with admin role AND superadmin role may access to /blabla/** Am i right or am i wrong ? Obviously, the next question is : if the AND behaviour is the standard one, how to have a OR behaviour ? Best regards Jean-Charles -- View this message in context: http://n2.nabble.com/AND-or-OR-roles-filters---tp2741505p2741505.html Sent from the JSecurity User mailing list archive at Nabble.com.
