On Nov 20, 2008, at 10:15 , Christopher Schultz wrote:
SecurityManagers are such a pain in the ass IMO. If you're writing
your
own applications and deploying them yourself, I say give up on the
SecurityManager because you're not protecting yourself from anyone but
yourself. SecurityManagers are best used when either untrusted or
partially-trusted code will be running in your Tomcat instance. I'm
sure
a lot of folks will disagree with me on this one, but the
SecurityManager is more trouble than it's worth if you ask me.
Yea I have been reading more about the SecurityManager and I think
that I will probably go without the security manager enabled since
this server is only going to be running this particular application
and I am the only one that is going to be maintaining it.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
