[jcifs] jCIFS NTLM HTTP Authentication / grant access to roles

Matthias Lakämper MatthiasLakaemper at web.de
Tue Jun 17 20:07:25 EST 2003


Hi,

i have installed the NTLM Authentication. It works fine. 
In the filter i have defined our domain-Controller. 
(jcifs.http.domainController)

But i have a question about the roles-handling. In my web-application (web.xml)
is defined a security-constraint for a certain url, this url is allowed only for 
users belonging to a definite role e.g. "tomcat".

    <security-constraint>
      <display-name>Example Security Constraint</display-name>
      <web-resource-collection>
         <web-resource-name>Protected Area</web-resource-name>
	 <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/docRootTest/api/*</url-pattern>
	 <!-- If you list http methods, only those methods are protected -->
	 <http-method>DELETE</http-method>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
	 <http-method>PUT</http-method>
      </web-resource-collection>
      <auth-constraint>
         <!-- Anyone with one of the listed roles may access this area -->
       <role-name>tomcat</role-name>
      </auth-constraint>
    </security-constraint>

My question is, is it possible to define roles and if so, where can 
i define them.

I would be glad to get help.

Regards: Matthias Lakämper

______________________________________________________________________________
UNICEF bittet um Spenden für die Kinder im Irak! Hier online an
UNICEF spenden: https://spenden.web.de/unicef/special/?mc=021101




More information about the jcifs mailing list