Pivo wrote:
Caldarale, Charles R wrote:
From: Piavlo [mailto:lolitus...@gmail.com]
Subject: Re: howto setup url security constraint with parameters?
The problem is that <WatchedResource> does not work for user dirs
defined with org.apache.catalina.startup.UserConfig
Sounds like a bug, but I haven't looked at the code. What version of Tomcat
are you using?
Currently 6.0.20 , but this also does not work with 5.5 versions.
But putting aside the buggy WatchedResource issue - is there a way to
do a security constraint of a url on granularity of also matching
specific HTTP GET parameters/values pairs in that url?
Just jumping in with some lateral thinking, and without the background.
The idea would be to catch these requests earlier, and dispatch them, on
the base of the GET parameters, to different webapps, each with it's
appropriate security constraints.
I think a servlet filter (such as the URLRewriteFilter) would be too
late already.
But a front-end Apache httpd would not.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
