> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Subject: yet another SSL question > > What security-constraints do i need, and where do i have to put them?
The basis for Dhaval's suggestion is section 12 of the servlet spec, obtainable here: http://jcp.org/aboutJava/communityprocess/final/jsr154/index.html For additional examples, look at the WEB-INF/web.xml files for Tomcat's built-in manager and admin apps, usually installed under the server/webapps directory, although as delivered, those do not require HTTPS. The <transport-guarantee> is necessary to force that. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]