The points about javasrcipt links and parameters are valid, but this
thing that causes hassle even for bots that deal with parameters are
jsessionids
Have a look at http://tuckey.org/urlrewrite/ you'll be able to remove
session ids for bots and deal with the request parameters too..
Hth
Mark
On
On 3/17/06, Mark Lowe <[EMAIL PROTECTED]> wrote:
> Thats the 2.3 and 2.4 specs btw.. the 2.2 doesn't have section 12.5
> and the authentication section is section 11..
>
> Anyhow without getting into all that cellar dwelling, i dont think
> that there's a restr
Thats the 2.3 and 2.4 specs btw.. the 2.2 doesn't have section 12.5
and the authentication section is section 11..
Anyhow without getting into all that cellar dwelling, i dont think
that there's a restriction on the amount of securit contraints you can
configure along with login-config's .. Not su
ess control..
Mark
>
> That seems more easy to maintain cause in my application I have just to
> maintain the relationship between roles and permissions
>
> Thanks a lot for your help! I hope you enjoy in my country
> Alessandro
>
>
>
&
On 3/17/06, Mark Lowe <[EMAIL PROTECTED]> wrote:
> On 3/17/06, Alessandro Colantoni <[EMAIL PROTECTED]> wrote:
> > Hi! and good morning (but probably we 're on different continents)
Assiming you're in italy, we're in the same country..
> >
> > I do
(as an other option) and use the
trusty useBean tag, but you'll be depending on jsp folk on getting
this right.. A filter is just tidier..
> Thanks a lot
> Ciao!
>
> PS . good italian. What does it mean schete?
My bad spelling for "scelte"
mark
>
>
>
> On
On 3/17/06, Mark Space <[EMAIL PROTECTED]> wrote:
> Alessandro Colantoni wrote:
>
> > Thanks for rapid answer!
> >What do you mean with filter the roles of second level.
> >How can I do that? if they are not in the auth-constraint and in the role
> >name list they can't access.
> >have O to write a
On 3/17/06, Mark Space <[EMAIL PROTECTED]> wrote:
> Alessandro Colantoni wrote:
>
> > Thanks for rapid answer!
> >What do you mean with filter the roles of second level.
You can still use container based authentication. Especially if you're
already setup to do so.. Just make sure that all users ha
To my knowledge the servlet config is frozen on start up..
My guess would be that you'll need to have a general access role or
roles (those that wont be deleted/modified in your database.. And then
have a second level of access control in your application.. At this
point it would be easier just ha
On 3/12/06, Mark Whitby <[EMAIL PROTECTED]> wrote:
> Hey all
>
> This is probably one of the stupidest posts of the week on here but I'm
> struggling to find the link online that tells me how to use a Realm to
> restrict access to a certain folder: /secure/.
>
> I've set up the realm as stated
>
On 3/12/06, Mark Thomas <[EMAIL PROTECTED]> wrote:
> David Ziants wrote:
> > Constraints of my new project say that I have to use jdk 1.3.2
> > (otherwise I would gladly move it to Java 5).
> >
> >
> > I still want to try and use the latest version of Tomcat (5.5.15 is what
> > I have installed), a
On 2/5/06, Arash Bijanzadeh <[EMAIL PROTECTED]> wrote:
> Could somebody please lead me to what class is behind j_security_check?
Not sure exactly what class you're asking about, but j_security_check
is the url used for form based logins to realms configured for a given
context and/or container..
12 matches
Mail list logo
