Howdy, >The only Tomcat built-in "protection" is Realms: > >http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html
That's a misleading statement. Tomcat supports the full set of security access controls as defined in the Servlet Specification, v2.3, chapter 12. Realms are merely an implementation detail specific to the tomcat container that many users need not worry about it unless they want to create their own. Yoav Shapira This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]