-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cédric,
On 5/3/13 3:09 AM, Cédric Couralet wrote: > More of a servlet spec question than a tomcat one, and, from what > I read, a rather long shot, but is there a way to define > auth-constraint dynamically in web.xml? > > For instance I'd like to have the following > > <security-constraint> <display-name></display-name> > <web-resource-collection> <web-resource-name></web-resource-name> > <url-pattern>/something/(.*)/someotherthing</url-pattern> > <http-method>PUT</http-method> <http-method>POST</http-method> > <http-method>DELETE</http-method> </web-resource-collection> > <auth-constraint> <role-name>\1_something</role-name> > </auth-constraint> </security-constraint> <security-role> > <role-name>*_something</role-name> </security-role> > > with \1 being the (.*) in url-pattern ? Nope. You'll have to resort to using a Filter. > I know I can do it programmatically with something like > request.isUserInRole(). But I would like to define all the webapp > security in another place than in code (if only not to forget > anything :) ). If you wanted things to be a bit more explicit in web.xml, you could write a Filter that checks for a *specific* user role, and then configure it all in web.xml. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRg6TwAAoJEBzwKT+lPKRY+44QAImu0S7ZBXEhLZTm7UNXDbkR amV3YxI5XwiIEWxEOUj7RIPM/edXcYbcOZyZl8GDmQzR4IZJrzo0JbjjnlNhmaq+ MLh9lYDOdMZh4I3rgWIw/yE4fMSu6AIDdXZc3eVzv/VERZkmgoxhpeec878MGA+a g0M9BvuKRp+uuGBk6D25aQ+bvyL2DqKMnXsSroUF4zu4g+O+wdJAjwZYR5wW59TQ L3OLsToTQWhWFTfSBYqmnwehp4jHEtT/p7jF/5BOdqhsRepVsTrdSsnl2rlk62v9 xguEUOdiE1mu804leaUhtvVIBn2MlboyCbqrslxno4vliW9DxA2rdVYxd/Dd4jxw oZ669QNOPoedVnbBtD5mCo67+79CHdj5pysgaRPAWZOdLV0MmsuGxfyuOfiHdQ81 Mq6iMNGVEtYL9oEqP3im1JjpIPpsoYc95PjiHxwHXQmCfSJiaJYID1nnSAv6HHah uTyGsxA4XMMJ7nM97z4dKHcDqiMDMKD+d506L551jzgyQQmMW6yzarjowRg9JRpe 70crk4hvNiZt4DhcKvRwkO7RZ+6NbTWfOUFaUa2pSm96yLAZWKf/EG6vr1wLfPyh 9525LDTZ9AUc7m4dBywgsv6DLWd2UbvWujcvlMJZ/zr31Tmcp39tgLcCbt3IO8tt 1kr+BtYQaMlQyH8/G89Z =JS9x -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
