> > Good. That's the answer I need. One more question, can I
> assign different
> > secret keys to each JServ? I think this could provide a
> better security.
>
> I don't think so.
>
> That doesn't make sense. How exactly would it provide better security?
>
> In reality, you should be blocking that port # at your router
> anyways, so it
> really isn't an issue.
>
> -jon
>
If port blocking can do everything, why we need to setup secret key?
Let's assume there are two groups of people sharing the same server. If we
can use two JServs, we can start the two Jservs manually with different user
id, let's say jserv1 and jserv2. Then we can setup the permission of
resources which are private to group1 to be 600 and make it owned by jserv1.
Thus only servlets run by the JServ with uid 'jserv1' can read thoese
resources. However, giving the two JServ same secret key may cause some
security problem. That why I ask this question.
Sean
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://www.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
