Declaring Roles Using Deployment Descriptor Elements (The Java EE 5 Tutorial)

The Java EE 5 Tutorial

Previous: Declaring Roles Using Annotations
Next: Defining Security Requirements for Web Applications

Declaring Roles Using Deployment Descriptor Elements

An example of declaring roles referenced in an application using deployment descriptor elements is shown in the following web.xml deployment descriptor snippet:

<servlet>
...
    <security-role-ref>
        <role-name>cust</role-name>
        <role-link>bankCustomer</role-link>
    </security-role-ref>
...
</servlet>

When you use the isUserInRole(String role) method, the String role is mapped to the role name defined in the <role-name> element nested within the <security-role-ref> element. The <role-link> element in the web.xml deployment descriptor must match a <role-name> defined in the <security-role> element of the web.xml deployment descriptor, as shown here:

<security-role>
    <role-name>bankCustomer</role-name>
</security-role>

Previous: Declaring Roles Using Annotations
Next: Defining Security Requirements for Web Applications