tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Harwood <markharw...@totalise.co.uk>
Subject Proposal: CanAccessLink(..) test
Date Fri, 10 Jan 2003 12:14:25 GMT
Its cool having authorisation restrictions enforced when accessing a page but 
it would also be useful to query these restrictions when choosing to offer a 
link in other pages.

I have an implementation which offers this query capability based on a hack of 
Tomcat authorisation code. The method signature is:

boolean canIAccess(String url, String method, HttpServletRequest 
currentRequest, ServletContext context)


Is this sort of thing worth rolling into Tomcat somewhere? Without such a 
feature you effectively end up declaring security restrictions twice - once in 
web.xml declarations and once in pages that choose to offer links to these 
secured pages.

Cheers
Mark Harwood


--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message