Thanks Charles for clarification. Regards, RJ.
-----Original Message----- From: Caldarale, Charles R [mailto:chuck.caldar...@unisys.com] Sent: Friday, August 13, 2010 3:41 PM To: Tomcat Users List Subject: RE: JAAS Realm and http error 403 > From: Rashid Jilani [mailto:jil...@lifebiosystems.com] > Subject: RE: JAAS Realm and http error 403 > > After going through Tomcat specification I was under the impression > that "*" will authenticate any role Exactly where were you looking? > I wonder is there any JAAS/Tomcat expert who can comments > on this, and let me know the interpretation of the "*" under > < role-name > element Read the servlet spec: "The special role name '*' is a shorthand for all role names defined in the deployment descriptor." Note that this is *not* any role, it is any of the *enumerated* roles in web.xml. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
