Stephan, > i need tomcat to run/deploy only "known" applications. at startup the > container should somehow realize that a certain app is a "not authorized > one" and not load it.
You could turn off automatic deployment of WAR files and configure each "known" application in your server.xml file. Just make sure that only trusted people can edit the server.xml file and bring Tomcat up and down. -chris
signature.asc
Description: OpenPGP digital signature
