On 06/11/2009 00:29, Pivo wrote:
Caldarale, Charles R wrote:
From: Piavlo [mailto:lolitus...@gmail.com]
Subject: Re: howto setup url security constraint with parameters?
The problem is that<WatchedResource> does not work for user dirs
defined with org.apache.catalina.startup.UserConfig
Sounds like a bug, but I haven't looked at the code. What version of Tomcat
are you using?
Currently 6.0.20 , but this also does not work with 5.5 versions.
But putting aside the buggy WatchedResource issue - is there a way to
do a security constraint of a url on granularity of also matching
specific HTTP GET parameters/values pairs in that url?
Short answer: no, not using container based security.
That would be a task for the Servlet itself to perform as part of it's
logic. You can use 'request.isUserInRole("somerole")'.
p
Thanks
Alex
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you received
this in error, please contact the sender and delete the e-mail and its
attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
