I am sending this once more. Sorry if you have already seen this. Mohan
-----Original Message----- From: MOHAN RADHAKRISHNAN [mailto:[EMAIL PROTECTED] Sent: Monday, April 12, 2004 9:04 PM To: [EMAIL PROTECTED] Subject: override isUserInRole Hi I am looking for ways to bypass CMA in one case which requires an anonymous user to view some data. 1. I am trying to use public class RequestWrapper extends HttpServletRequestWrapper{ private HttpServletRequest request; public RequestWrapper( HttpServletRequest req ){ super( req ); } public boolean isUserInRole( String role ){ return true; } } I know that this is one approach. How would this work if I were using a servlet filter ? I'd like to know how to use this to fool CMA. 2. The other approach is to use multiple security constraints in web.xml I have a problem again. How can I use URL pattern matching for /switch.do?prefix=/x&page=/x.do ? I am using modules. I want to move it into a separate security constraint section without roles. Appreciate help. Is what I am trying to do feasible ? Mohan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
