After peeking into the tomcat manager webapp I have found a way of getting there
1. Define the webapp context with privileged is true 2. Have the servlet extend ContainerServlet and get hold of the unwrapped Context when setWrapper is called. Works fine, but what worries me is that I have to make this a priviliged web app now and I am unclear as to what the consequences of that are. The Tomcat doc is fairly brief on the meaning of the privileged attribute of the context element so that did not reallly help. Perhaps someone is willing to explain? Thanks, Peter Peter Coppens wrote: > > Gentlepeople, > > I am trying to add a bit of extra security at the application level. I > would like to leverage the information that is defined in the > security-constraint (et al) web.xml settings. > > I found the things I need in org.apache.catalina.deploy but I can not get > bootstrapped from the information I have access to in my doGet/doPost > methods. > > So I have two questions > > 1. Is it correct there is no standard way to access the > security-constraint et al settings from the deployment xml file? > 2. Is there a tomcat proprietary way to get hold of this information from > within a doGet/doPost method? > > Thanks! > > Peter > > > -- View this message in context: http://www.nabble.com/How-to-get-hold-of-security-information-from-web.xml-tf3350216.html#a9320648 Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
