-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bill,
Bill Davidson wrote: | Christopher Schultz wrote: |> Is there any particular reason you are not using the built-in |> container-based security mechanism? | | I don't know. I didn't design it. Was that container based security | available in Tomcat 3.2.4? Yep. It's part of the servlet specification. Maybe as you move forward, you could look into using that and reduce the amount of code you have to maintain. Note that TC container-managed authentication does not allow drive-by logins (that is, logins that didn't result from the request for a protected resource). Basically, no "unexpected" logins, which kind of sucks. Securityfilter, available on sourceforge, provides container-managed-auth-style authentication and authorization and gives you some additional options not provided by TC. Feel free to check it out. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkhO2jUACgkQ9CaO5/Lv0PAXjQCfUGbvwuZ1imDAc2fp3AXHO9UR b9UAn0HL8N560ANPfnoyKpZLJdXl8+Oq =PARS -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
