-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Eric,
Robinson, Eric wrote: | I'm too lazy for all that. :) Laziness and authentication are never a good combination. | I was hoping it would amount a few extra lines in some configuration | file. Now I'm thinking I'll figure out a way to lock it down in group | policy or with some changes to the proxy server. If it's acceptable to have different URLs for the "special" IP-only users, then you could simply map different URLs to certain resources (or all of them) and then apply security constraints differently to each set of URL mappings. If you're willing to have different URLs, you could also just deploy two separate copies of your webapp -- one with authentication turned on and the other disabled, but with a RemoteAddressFilter on all URLs. Just a few ideas... - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkgq8+MACgkQ9CaO5/Lv0PCFtACgg5aPqwrmdAc0vvBon8oEKFvA oIsAoMA9kRHduwcADZh/axCVWpdRora9 =DNNH -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
