yeah and you might even add another table to tie it in, too. I've done that as well.
Tomcat requires the users and user_roles tables, but that doesn't inhibit you from customizing it further if needed. -----Original Message----- From: Ryan [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 21, 2007 2:28 PM To: Tomcat Users List Subject: Re: requiring multiple roles for access Chuck, I think you and Barry are correct, I will probably to define another role for this purpose and segregate different parts of the application. Thanks, Ryan On 3/21/07, Caldarale, Charles R <[EMAIL PROTECTED]> wrote: > > > From: Ryan [mailto:[EMAIL PROTECTED] > > Subject: requiring multiple roles for access > > > > I would like to require a user to belong to two roles to > > access a certain application (i.e. user must belong to role1 > > AND role2 to access). I've tried the following in my web.xml.... > > <auth-constraint> > > <role-name>role1</role-name> > > <role-name>role2</role-name> > > </auth-constraint> > > > > Unfortunately, this doesn't seem to work (it seems to allow > > role1 OR role2). > > As expected; to quote from the servlet spec: > > "A user must be a member of at least one of the named roles to be > permitted to perform the constrained requests." > > > Is what I'm trying to do possible?? > > The easiest way might be just to define a separate role for this purpose > rather than trying to piggy-back off combinations. > > - Chuck > > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you > received this in error, please contact the sender and delete the e-mail > and its attachments from all computers. > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
