thank you, I will investigate securityfilter
Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John,
John Caron wrote:
Instead of declaring which URLs need to be secure in web.xml, I would
like to determine this when the URL comes in, but then use Tomcat to
deal with the authentication if it is needed. Can anyone give me any
pointers on where to get started with that?
There's no standard way to do this.
Your options are basically to either hack around with Tomcat's
authentication and authorization code (which I don't recommend),
implementing your own authentication and authorization scheme (or
perhaps just the authorization scheme using something like a Valve or,
better yet, a Filter), or piggyback on an existing project like
securityfilter (http://securityfilter.sourceforge.net).
I think that the third option will get you further faster.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFrwl79CaO5/Lv0PARAq1JAJ9eEbHMO1sejY3BizqHXEv/na339ACglZiV
VLNVH1GgzwUcE6d9A5r4X94=
=4O/I
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
