Thanks for getting back to me Ruth;
I've been three days with this now.
-----Original Message-----
From: Ruth, Brice
>question.
> I'm assuming these are 'part of' the repository app? Is
that right?
> What should the uri-pattern be for these?
> Again the browse path will be
>http://localhost/repository/upload/index.html
>I want to have different security requirements for upload
and search.
>If I have the security constraint on repository defined with
>url-pattern of /*, I'm thinking that will cover all the
descendents of
>the repository directory? Is that wrong?
That's a correct assumption. You should be able to do what
you're wanting to do, the main thing to understand is that
if you need to set a granular constraint, say for
/repository/search/index.html, then you need to access that
page as such.
yes, for testing I'm using
http://localhost/repository/search/index.html
I have no mapping for these since they are simple html files.
On the other hand, if you want to take
advantage of index files, then a security constraint in the
form of /repository/search/ should work (no wildcard "*" at
the end). Its really just a pattern/glob match that takes
place to determine if a security constraint should be
invoked or not. This last pattern should only be invoked
for /repository/search/, not for anything else.
So it would not impact
/repository/search/otherFile.html ? And no other child directories?
That's a relief.
Same goes
if you have one tied to /repository/. I would advise that
you add an additional URL-pattern for the actual index file
as well, otherwise, if that file is accessed directly, then
the security constraint will not be invoked.
Yes, I've tried that. No success.
I've reverted to the $catalina-home/conf/tomcat-users.xml
to take out the mySQL loop too. Still no success.
Could someone provide a (simple) example of the
<security-constraint>
..
<url-pattern>
vs
the $catalina-home/webapps/X structure please.
I can't find any examples other than a single app
using appname/* as the url-pattern.
With 3 roles. admin, read, rwrite and
/webapps
/repository admin|read|rwrite
/admin admin only
/search admin|read|rwrite
/upload admin|rwrite
All use index.html.
I think the url-patterns are:
<url-pattern>/repository/admin/index.html</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<url-pattern>/repository/upload/*</url-pattern>
ditto
<auth-constraint>
<role-name>rwrite</role-name>
<role-name>admin</role-name>
</auth-constraint>
<url-pattern>/repository/search/*</url-pattern>
....
<auth-constraint>
<role-name>admin</role-name>
<role-name>rwrite</role-name>
<role-name>read</role-name>
</auth-constraint>
Anything wrong with these?
*must* I use wildcards/globbing when I'm using defaults
(index.html, index.jsp or whatever?)
regards DaveP
--
DISCLAIMER:
NOTICE: The information contained in this email and any attachments is
confidential and may be privileged. If you are not the intended
recipient you should not use, disclose, distribute or copy any of the
content of it or of any attachment; you are requested to notify the
sender immediately of your receipt of the email and then to delete it
and any attachments from your system.
RNIB endeavours to ensure that emails and any attachments generated by
its staff are free from viruses or other contaminants. However, it
cannot accept any responsibility for any such which are transmitted.
We therefore recommend you scan all attachments.
Please note that the statements and views expressed in this email and
any attachments are those of the author and do not necessarily represent
those of RNIB.
RNIB Registered Charity Number: 226227
Website: http://www.rnib.org.uk
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
