Chema,

On 9/23/2011 6:49 AM, Chema wrote:
>>
>> In your code, you would examine the Principal & see if it had
>> permission to proceed. Then return the resource or an error,
>> accordingly.
>>
>
> On my way, I would put "your code that examine the Principal &
> see if it had permission" into a custom realm class. This custom
> realm can check only user authorization, no role

Realms cannot check authorization at all, only authentication, so the
Realm is not the right place to do this.

> This way, you avoid to have to implement a redirection manually

You don't have to do a redirect, either.

-chris
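The approach discussed in this thread (examine the Principal in application code, then return the resource or an error, with no redirect), sketched as an added example that is not code from any participant. The filter class name, the ACL map and its paths and user names are hypothetical; it assumes the `javax.servlet` API, Java 9+ and a `security-constraint` in `web.xml` so the container's Realm has already authenticated the caller.

```java
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/** Hypothetical filter: per-user authorization in application code, after Realm authentication. */
public class PerUserAuthorizationFilter implements Filter {

    // Constructed sample ACL: path below the context root -> user names allowed to fetch it.
    private static final Map<String, Set<String>> ACL = Map.of(
            "/reports/q3.pdf", Set.of("alice"),
            "/reports/q4.pdf", Set.of("alice", "bob"));

    /** Deny by default: no Principal, an unknown path or an unlisted user is refused. */
    static boolean isPermitted(Principal user, String path) {
        if (user == null || path == null) return false;
        Set<String> allowed = ACL.get(path);
        return allowed != null && allowed.contains(user.getName());
    }

    @Override public void init(FilterConfig config) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // The container sets this once the Realm has authenticated the user.
        Principal user = request.getUserPrincipal();
        // Use the container-decoded servlet path, not the raw request URI,
        // so encoded or parameterised variants of a path cannot slip past the lookup.
        String info = request.getPathInfo();
        String path = request.getServletPath() + (info == null ? "" : info);

        if (isPermitted(user, path)) {
            chain.doFilter(req, res);                              // return the resource
        } else {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);  // an error, not a redirect
        }
    }
}
```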