tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gerry Duhig" <ger...@nectar.demon.co.uk>
Subject Security Questions
Date Wed, 30 May 2001 11:00:20 GMT
Hi!

I have Tomcat setup, actually running with JBoss, and I am looking at security.

I can setup an application with a login-conf in web.xml, but I cannot see who or what handles
that. Is it Tomcat directly, or some loaded subsystem?

In detail: In my server.xml file I have the following:

        <RequestInterceptor className="org.apache.tomcat.request.AccessInterceptor"  debug="0"
/>

What is this actually saying or doing?

I also have:

        <!-- Check permissions using the simple xml file. You can 
             plug more advanced authentication modules.
          -->
        <RequestInterceptor 
            className="org.apache.tomcat.request.SimpleRealm" 
            debug="0" />
  
Same question! What's it for, what's it do? I don't seem to have a simple xml file, should
I?

Gerry
 

Mime
View raw message