On Tuesday 24 July 2007 15:14:09 Caldarale, Charles R wrote: > As has been stated so many times: read the servlet spec. In particular, > look at section 12, which discusses security. If you're using > declarative security, just set it up to cover all URLs for the webapp;
Section 12 doesn't seem relevant to my situation, since the authentication mechanism is buried in the application. > if you're using programmatic security, you're pretty much on your own, > since the container isn't involved. You might want to consider putting > the security in a filter in the latter case. Using a servlet filter looks promising, though; thanks for the tip. -- Richard --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
