RE:RE: Are default Domail.xml/web.xml roles consistent?

Wed, 30 May 2001 08:32:59 -0700 

I'm just installing the new slide 1.0.10 release and would like to revisit 
my question about the consistency of roles defined in Domail.xml/web.xml 
(partial file contents pated in below).

Domain.xml:
<role name="admin">slideroles.basic.RootRole</role>
<role name="guest">slideroles.basic.GuestRole</role>
...
        <permission action="/actions" subject="admin"/>
        <permission action="/actions/read" subject="user"
...
          <objectnode classname="slideroles.basic.GuestRoleImpl"
           uri="/users/guest">
            <revision>
              <property name="password"></property>
            </revision>
          </objectnode>

        </objectnode>
...

          <objectnode classname="slideroles.basic.RootRoleImpl"
           uri="/users/root">
            <revision>
              <property name="password">root</property>
            </revision>
          </objectnode>

web.xml:
-------

  <!--security-constraint>
    <web-resource-collection>
      <web-resource-name>DAV resource</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>COPY</http-method>
      <http-method>DELETE</http-method>
      <http-method>GET</http-method>
      <http-method>HEAD</http-method>
      <http-method>LOCK</http-method>
      <http-method>MKCOL</http-method>
      <http-method>MOVE</http-method>
      <http-method>OPTIONS</http-method>
      <http-method>POST</http-method>
      <http-method>PROPFIND</http-method>
      <http-method>PROPPATCH</http-method>
      <http-method>PUT</http-method>
      <http-method>UNLOCK</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>root</role-name>
      <role-name>guest</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Manager</web-resource-name>
      <url-pattern>/manager/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>root</role-name>
    </auth-constraint>
  </security-constraint>


Could anyone explian how this fits together. I have tried the documentation 
but do not understand.

The web.xml says that the methods are available to root and guest on path 
/*. I have these roles setup in tomcat-users.conf. This I understand.

The Domain.xml confuses me ...

Domain.xml seems to assign a few roles e.g. <role 
name="admin">slideroles.basic.RootRole</role>

at the top, but does not seem to use these roles?

e.g.


        <permission action="/actions" subject="admin"/>

and then,


          <objectnode classname="slideroles.basic.RootRoleImpl"
           uri="/users/root">
            <revision>
              <property name="password">root</property>
            </revision>
          </objectnode>

This last part seems to use the whole classname 
slideroles.basic.RootRoleImpl

to assign this level of access to root?

So why define:

<role name="admin">slideroles.basic.RootRole</role>

at the top?


Any help with this or a few sentences to explain how all this fits would be 
much appreciated.

Thanks,
Mark


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Reply via email to