2008/12/30 <removeps-gro...@yahoo.com>: > To hide the existence of the page from robots. > > --- On Tue, 12/30/08, Pid <p...@pidster.com> wrote: > >> From: Pid <p...@pidster.com> >> Subject: Re: How can the login page see parameters in the original request? >> To: "Tomcat Users List" <users@tomcat.apache.org> >> Date: Tuesday, December 30, 2008, 6:26 AM >> removeps-gro...@yahoo.com wrote: >> >> > Only if certain secret fields and values are present, >> do I want to generate the login page. >> >> They're not really secret if you're passing them as >> parameters. >> It sounds like you're trying to over-engineer >> something, which often >> results in no security improvements and sometimes >> introduces flaws. >> >> What is your real goal? >> >
How about passing them with the Session? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
