You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ryan <ni...@gmail.com> on 2007/03/21 14:39:20 UTC
requiring multiple roles for access
Hi All,
I would like to require a user to belong to two roles to access a certain
application (i.e. user must belong to role1 AND role2 to access). I've tried
the following in my web.xml....
<auth-constraint>
<role-name>role1</role-name>
<role-name>role2</role-name>
</auth-constraint>
Unfortunately, this doesn't seem to work (it seems to allow role1 OR role2).
Is what I'm trying to do possible??
Thanks,
Ryan