-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John,
On 11/11/2009 5:01 PM, John Morrison wrote: > I've not come across filters before - I'll look into them in more depth at > work tomorrow, however could you expound upon how you would envisage it > working? The filter simply checks your requirements before allowing access to a particular resource. > Does the filter cover all the resources, because once the user token has > been verified I wasn't going to pass it around anymore...? One way to do this would be to put a either the token itself or something else (like a simple Boolean flag) into the user's session that indicates that they have passed the "token test" at some point. Your filter can check for either the session token or one in the incoming request. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkr8GPkACgkQ9CaO5/Lv0PA0xACePS1i+iftVjJX/EwlgJnV8n9y rHoAoIwhebLlWHqnkuRYQSr6OgnyGLJ3 =ZdlP -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
