Yeah, this is sort of what I had been thinking. Then I got to looking
at the Catalina JavaDocs and it seemed to me that if I could get a valid
org.apache.catalina.core.StandardContext Object for the current
web-app then I could get the SecurityConstraint[] Array using
findConstraints() and it olooked like I could take it from there.
I know this might be better to ask on the developers list, but what I
was wondering is :
1) Can the above be done?
2) If not is could someone point me to the Tomcat (or Jetty) classes
that do the parsing of the security constrains for the web.xml so I can
reuse it, rather than starting from scratch?
Thanks,
Robert Sanders.
Craig R. McClanahan wrote:
>Well, you can always parse the "/WEB-INF/web.xml" file yourself to
>determine what roles are required to access "/reports/invoices.jsp", then
>use the request.isUserInRole test to check whether the current user has
>any of the required roles. But there's no standard APIs that do this for
>you.
>
>Craig
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
