tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Wentzel <Michael.Went...@aswethink.com>
Subject RE: Web-site security
Date Tue, 16 Jan 2001 13:34:26 GMT
> But I was thinking there might be a configuration file that 
> does this. I
> think that would be a neater way of doing things than 
> including an inlude
> file in all the pages. 

I'm not sure on this one... I don't know of any configurations.

> Can I write a servlet to which all my requests are
> directed before being passed on to the respective pages?

The only way I can think of doing a servlet would be more messy
than the include because all requests would have to go through
the servlet first.

Another thing is try checking out
org.apache.tomcat.request.SessionInterceptor
(referred to in server.xml).  I haven't looked at this class at
all but you might be able to extend it, and using properties
files do whatever session checking you need to do before the
standard requestInterceptor stuff gets done.  Adding a generic
block of code and using properties files would allow for changing 
of session checking without having to recompile.



---
Michael Wentzel
Software Developer
<A HREF="http://www.aswethink.com">Software As We Think</A>
<A HREF="mailto://wentzel@aswethink.com">Michael Wentzel</A>

Mime
View raw message