Hi All, I would like to require a user to belong to two roles to access a certain application (i.e. user must belong to role1 AND role2 to access). I've tried the following in my web.xml.... <auth-constraint> <role-name>role1</role-name> <role-name>role2</role-name> </auth-constraint>
Unfortunately, this doesn't seem to work (it seems to allow role1 OR role2). Is what I'm trying to do possible?? Thanks, Ryan