Class |
|
---|---|
Component |
|
AuthenticationServlet
determines whether the user is authorized to view the request URL. This servlet’s securityDomain
property references a PathSecurityDomain
component which maps each restricted URL to the user identities permitted to view it. Even though a user may be have permission to view a URL, if that user’s session has expired, the user will instead be directed to the URL provided in the AuthenticationServlet
sessionExpiredRedirectURL
. When access is denied due to insufficient authorization, the user is sent to the URL in the redirectURL
property.