About Question enthuware.jwpv6.2.989 :
Posted: Sat Oct 15, 2011 10:28 am
The second option "specify a security-role element for boss in the web.xml." is also correct.
<security-role-ref> elements are used when you want to create a link - roles that you have want to use in your application are not consistent with roles used in the code, but there is no problem if declared roles inside web.xml(using <security-role> element) are matching the roles used in the servlet code.
<security-role-ref> elements are used when you want to create a link - roles that you have want to use in your application are not consistent with roles used in the code, but there is no problem if declared roles inside web.xml(using <security-role> element) are matching the roles used in the servlet code.
Code: Select all
<security-role>
<role-name>boss</role-name>
</security-role>