-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dharamshila,
On 3/9/2011 11:58 AM, Dharamshila Khandelwal wrote: > I was able to make it work. Enable Invoker Servlet Mapping in conf/web.xml. That would do it, although you should enable it in your webapp's web.xml /only/ and not for the entire server if possible. > However I had to enable priveleged="true" in context.xml. Right. > Do you see any flip side to it? Yes: remote clients can execute arbitrary servlets, potentially bypassing security constraints. > I know that it is not the most secured way > but this is my application website and runs in the intranet. It's better to explicitly map your servlets. It's just not that hard to do, so take an hour or so and do it. Disable the invoker and move on with your life :) - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk13tSIACgkQ9CaO5/Lv0PAIOQCdHiRHqszpx77MuBcwuvdx+Jx0 xU8An28caIrXZ/ACyna3/G3PMt3NEt/c =Tyjz -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
