-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tim,
On 6/24/2009 2:59 PM, Tim Funk wrote: > If you want a black list - it would probably be easier to write a filter > [programmatic security] instead of declarative security. You can even combine declarative + programmatic and read your configuration from web.xml <init-param> elements for your filter. Of course, you'll have to map the <filter> to the right URI patterns, so your constraints aren't all in the same place, unfortunately. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpCnkoACgkQ9CaO5/Lv0PD5VwCgk2/6LRE1TUoua5R0AyJmqs7g XAcAnj2QlH79Bul7Hf/Dn1gIX4gfb38K =mn2B -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
