Mikolaj Rydzewski wrote:
Oh, I read your original posting again and it now the solution with apache in the front is not the best one.But we still need to get tomcat ssl configuration inside a servlet. The reason: In our strange architecture (struts-flavour) a servlet is a wrapper for actions with states. Only some of these states have to be secured. Have anybody an idea how to get that information?You can run an apache server in the front. And then use mod_rewrite (for specific URLs) to redirect users to secure pages. The application (and Tomcat) doesn't need to know anything about security in this scenario.
I'd try to use MBeans and JMX infrastructure to find out tomcat configuration. http://tomcat.apache.org/tomcat-5.5-doc/monitoring.html
The admin webapp depends on MBeans to 'talk' to tomcat. So try this way. -- Mikolaj Rydzewski <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME Cryptographic Signature
