tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Harwood <>
Subject Proposal: CanAccessLink(..) test
Date Fri, 10 Jan 2003 12:14:25 GMT
Its cool having authorisation restrictions enforced when accessing a page but 
it would also be useful to query these restrictions when choosing to offer a 
link in other pages.

I have an implementation which offers this query capability based on a hack of 
Tomcat authorisation code. The method signature is:

boolean canIAccess(String url, String method, HttpServletRequest 
currentRequest, ServletContext context)

Is this sort of thing worth rolling into Tomcat somewhere? Without such a 
feature you effectively end up declaring security restrictions twice - once in 
web.xml declarations and once in pages that choose to offer links to these 
secured pages.

Mark Harwood

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message