On Tue, Jun 2, 2009 at 1:01 PM, Alec Swan <alecs...@gmail.com> wrote:
> We have one corporate customer who is putting a link to our servlet on their > intranet web page. Therefore, we know the domain name of the users who need > custom authentication. Seems iffy -- none of these users will ever be working remotely and need access? > We can also tell the customer to put whatever we need > in the link, such as HTTP headers. ? You can't put HTTP headers "in" a link, unless you're processing it through some proxy mechanism... > Does this give you enough information to propose a solution? I suspect you need to write your own solution, though this: http://securityfilter.sourceforge.net/ :: has been recommended by others on this list many times, and might help (I've never used it). HTH, -- Hassan Schroeder ------------------------ hassan.schroe...@gmail.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
