tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeffrey Winter" <jeffreywin...@attbi.com>
Subject Re: Authentication and Filters
Date Fri, 10 Jan 2003 02:12:06 GMT
> A key rule to remember is that security constraints are applied *only* on
> the original URL requested by the client -- not on RequestDispatcher
> calls.  

On last thing, is this a part of the servlet spec, or is it left unstated
and this is just Tomcat's particular implementation?

Thanks

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message