Marco wrote:
2 - Apache delegates the servlet to make the authentication. This would be
the very best solution, but I suppose it is impossible (could an Apache
module implement this feature?)
You can do this! Turn off authentication in Apache and implement it in
your Servlet.
-- Charles
I've read several places (see link below) that "Tomcat is the slowest
Servlet Engine you can run." Is this still true? What are the
prospects for Tomcat 4.0 improving speed?
-- Charles
http://slashdot.org/comments.pl?sid=00/11/30/180246threshold=-1pid=45#54
Andy Nuss wrote:
So assuming the site requires "single sign-on". And that there are
several segmentations of the site, each of which could
be handled by a different web-app:
I'm getting the impression that I'm supposed to do some
kind of magic with the session cookie.
Sessions do not
Andy Nuss" [EMAIL PROTECTED] wrote:
It seems like each webapp is a separate servlet context, which means
that there is no way to share session info among different components
of the site, if they are segmented as Webapps.
Steve Quail wrote:
Two words:
cookie
database
Andrew Oliver wrote:
From my perspective you should have a secure login.
if your login is passed from a non-secure area to a
secure area there's not really that much purpose in
providing the security in the first place.
No argument, but who said anything about logging in? Sessions can be
Miles Daffin wrote:
Brett Bergquist wrote:
Actually the test that you want is:
if (user.compareTo("admin") == 0) {
...
}
And how is this any different from using
"if (user.equals("admin"))"?
...
'compareTo(Object o)' returns an int
...
[EMAIL PROTECTED] wrote:
Does Tomcat support HTTP PUT?
Yes.
How?
The same way all Servlet containers support HTTP PUT. Try reading a
book on Servlet programming. I recommed Jason Hunter's "Java Servlet
Programming" from O'Reilly.
-- Charles
