Hi Charles,
Thanks for the quick answer.
On 04/09/2010 15:20, Caldarale, Charles R wrote:
[...]
Declarative security is intentionally static;
Its not the declarative access control I want to use - I'd have liked to
be able to resuse the authentication code ...
t
[...]
This is very plainly stated in SRV.12.2:
"The security model applies to the static content part of the web application and to
servlets and filters within the application that are requested by the client. The
security model does not apply when a servlet uses the RequestDispatcher to invoke a
static resource or servlet using a forward or an include."
I missed that, obviously:(
Ok - now to figure out how to implement digest authentication ...
Thanks for your help.
Brian
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
