On 03/03/2020 12:27, Richard Monson-Haefel wrote: > I've tried to find this but keep running into the three remote address > valves (address, IP, and CIDR) what I'm looking for is an access valve that > uses roles from a realm that checks roles to either path or web application > identifiers - not remote address. This is classic authorization - > role-based authorization.
Servlet specification, version 4, section 13.2 & 13.8 in particular. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
