Léa Massiot wrote:
...
What's interesting is that, in the same servlets container, one WebApp "has
access" to another WebApp through "/w1/uf1/f.txt" "/w2/uf2/f.txt" type of
addressing.
That's only because you look at it the wrong way.
It is not that "one webapp has access to another webapp", it is that the user's browser
has (apparently) access to both webapps.
By the time one of these links gets used, it is because the html page is loaded by the
user's browser, the user clicks on one of the links, and the browser sends a new request
to the server. What happens then is only a matter of the server deciding if this request,
coming from that browser connection, is allowed to access the requested resource.
If you add an authentication requirement in one of these webapps, and not in the other,
you will see the difference.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
