> From: Richard Dymond [mailto:[EMAIL PROTECTED] > Subject: Tomcat 6, MyFaces, and "wrapping" static content > > Is there any way to place the web application's > authentication mechanism in front of the static > HTML, so that it's accessible only to users who > are logged in? I've read through the tomcat > configuration documentation
As has been stated so many times: read the servlet spec. In particular, look at section 12, which discusses security. If you're using declarative security, just set it up to cover all URLs for the webapp; if you're using programmatic security, you're pretty much on your own, since the container isn't involved. You might want to consider putting the security in a filter in the latter case. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
