The auth-constraint element is used to list those roles that are authorized to access resources specified in a security-constraint.
Element |
Required |
Description |
<description> |
Optional |
Description of the roles that are authorized |
<role-name> |
Optional |
Roles that can access resources defined in the web-resource-collection of this security-constraint. If the idm.access.groupsAsRoles parameter is enabled, groups can be fully qualified with their realm/domain name. See the group element for more details. |
<http-method> |
Optional |
Indicates which HTTP methods (for example, GET or POST) are subject to this security-constraint. If no method is indicated, then all methods are protected. |
This section outlines the mechanisms in Single Sign-on for Java used to achieve secure operation, and outlines some areas that may need special attention. It assumes familiarity with basic security concepts, Kerberos, the HTTP protocol and Java EE application configuration.
This section discusses some of the deployment risks associated with the implementation of a Single Sign-on for Java-based solution. These risks are not inherent to Single Sign-on for Java, but may impact on Single Sign-on for Java’s service availability or result in false positive/negative authentication.
© ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center