On 19/04/2013 21:37, Propes, Barry L wrote: > What version are you using? > > Mine doesn't contain this attribute pair at all... > > <security-role-ref> > </security-role-ref>
The version being used is irrelevant. <security-role-ref> is only valid inside a <servlet> element. There might still be a bug here - I'm currently looking at the source to check - but it isn't the bug the OP thinks they have found. Mark > > -----Original Message----- > From: Jakub 1983 [mailto:jjaku...@gmail.com] > Sent: Thursday, April 18, 2013 8:51 PM > To: Tomcat Users List > Subject: security-role-ref doesn't work > > my tomcat users: > <role rolename="tomcat"/> > <role rolename="role1"/> > <role rolename="manager-gui"/> > <role rolename="admin"/> > <user username="tomcat" password="tomcat" > roles="tomcat,manager-gui,admin"/> > <user username="both" password="tomcat" roles="tomcat,role1"/> > <user username="role1" password="tomcat" roles="role1"/> > > following code fails: > <security-constraint> > <web-resource-collection> > <web-resource-name>Sample Application</web-resource-name> > <description>Require users to authenticate</description> > <url-pattern>*.jsp</url-pattern> > <http-method>POST</http-method> > <http-method>GET</http-method> > </web-resource-collection> > <auth-constraint> > <role-name>adminLocal</role-name> > </auth-constraint> > <user-data-constraint> > <transport-guarantee>NONE</transport-guarantee> > </user-data-constraint> > </security-constraint> > <security-role> > <role-name>adminLocal</role-name> > </security-role> > <security-role-ref> > <role-name>admin</role-name> > <role-link>adminLocal</role-link> > </security-role-ref> > > if I change security-role.role-name to admin, and in > auth-constraint.role-name also to admin, than I can login, > > but why doesnt' it work with <security-role-ref> ? > > regards > Jakub > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
