### Eclipse Workspace Patch 1.0 #P tc6.0.x Index: webapps/docs/config/realm.xml =================================================================== --- webapps/docs/config/realm.xml (revision 1508339) +++ webapps/docs/config/realm.xml (working copy) @@ -798,14 +798,30 @@ will be attempted against each Realm in the order they are listed. Authentication against any Realm will be sufficient to authenticate the user.

- -

The CombinedRealm implementation does not support any additional - attributes.

- +

See the Container-Managed Security Guide for more information on setting up container managed security using the CombinedRealm component.

+

The CombinedRealm implementation supports the following additional + attributes.

+ + + + +

This attribute controls how the special role name * is + handled when processing authorization constraints in web.xml. By + default, the specification compliant value of strict is + used which means that the user must be assigned one of the roles defined + in web.xml. The alternative values are authOnly which means + that the user must be authenticated but no check is made for assigned + roles and strictAuthOnly which means that the user must be + authenticated and no check will be made for assigned roles unless roles + are defined in web.xml in which case the user must be assigned at least + one of those roles.

+
+ +
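Review bot: The attribute description added for CombinedRealm (the paragraph starting "This attribute controls how the special role name * is handled") does not say how the setting interacts with the nested Realms. That matters here because the context at the top of the hunk states that authentication against any Realm is sufficient to authenticate the user. Please state whether the value set on the CombinedRealm governs the role check, or whether the nested Realm that authenticated the user applies its own value. A deployer choosing authOnly or strictAuthOnly needs to know which element actually relaxes the check.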
@@ -836,7 +852,19 @@ attributes.

- + +

This attribute controls how the special role name * is + handled when processing authorization constraints in web.xml. By + default, the specification compliant value of strict is + used which means that the user must be assigned one of the roles defined + in web.xml. The alternative values are authOnly which means + that the user must be authenticated but no check is made for assigned + roles and strictAuthOnly which means that the user must be + authenticated and no check will be made for assigned roles unless roles + are defined in web.xml in which case the user must be assigned at least + one of those roles.

+
+

If a failed user is removed from the cache because the cache is too big before it has been in the cache for at least this period of time (in
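Review bot: The description added at the top of this attribute list is a word-for-word copy of the CombinedRealm text in the previous hunk, and its single long sentence covering both alternative values ("The alternative values are authOnly which means ... and strictAuthOnly which means ...") is hard to parse. Suggest one sentence per value, hyphenating "specification-compliant", and stating directly that authOnly admits any authenticated user regardless of assigned roles, so that readers see it is a relaxation of the default strict behaviour. Keeping the full wording in one place and cross-referencing it from the other would also stop the two copies from drifting apart.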