tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kenneth topp <>
Subject Re: Sharing sessions across contexts?
Date Sat, 07 Oct 2000 01:46:27 GMT
On Fri, 6 Oct 2000, Craig R. McClanahan wrote:

> What you are describing is somewhat similar to the "single sign on" support
> that was just added to Tomcat 4.0.  It relies on webapps that use the
> container-managed security features of the servlet 2.2/2.3 APIs, and works
> like this:  the first time the user tries to access a URI protected by a
> security constraint, the user must log in according to the login
> configuration of that webapp.  However, their user identity is propogated
> across all the webapps of this virtual host so the user won't be challenged
> to log in to each webapp individually.

this is just an implementation of http authentication of rfc2617, no?

Is the security constraint going to be customizable, like apache

Kenneth Topp

View raw message