Class |
|
|---|---|
Component |
|
AuthenticationServlet determines whether the user is authorized to view the request URL. This servlet’s securityDomain property references a PathSecurityDomain component which maps each restricted URL to the user identities permitted to view it. Even though a user may be have permission to view a URL, if that user’s session has expired, the user will instead be directed to the URL provided in the AuthenticationServletsessionExpiredRedirectURL. When access is denied due to insufficient authorization, the user is sent to the URL in the redirectURL property.
