Home/ Questions/Q 61281
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-10T18:17:40+00:00

I was wondering if it would be possible to retrieve the complete list of

  • 0

I was wondering if it would be possible to retrieve the complete list of security roles defined in a web.xml file in the java code? And if so how to do it?

I am aware of the ‘isUserInRole’ method but I also want to handle cases where a role is requested but not defined (or spelled differently) in the web.xml file.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. As far as I know, there’s no way do do this within the Servlet API. However, you can parse web.xml directly and extract the values yourself. I used dom4j below, but you can use whatever XML processing stuff you like:

    protected List<String> getSecurityRoles() {     List<String> roles = new ArrayList<String>();     ServletContext sc = this.getServletContext();     InputStream is = sc.getResourceAsStream('/WEB-INF/web.xml');      try {         SAXReader reader = new SAXReader();         Document doc = reader.read(is);          Element webApp = doc.getRootElement();          // Type safety warning:  dom4j doesn't use generics         List<Element> roleElements = webApp.elements('security-role');         for (Element roleEl : roleElements) {             roles.add(roleEl.element('role-name').getText());         }     } catch (DocumentException e) {         e.printStackTrace();     }      return roles; }
    • 0