tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh G <j...@gfunk007.com>
Subject Simple security - or "Why is HttpJspBase.service final?"
Date Wed, 04 Feb 2004 01:23:01 GMT
Is there any reason that HttpJspBase.service() is final, apart from to make 
my life hard?

I'm trying to implement a _simple_ security system that intercepts requests 
before they get to _jspService() so that if certain conditions aren't met, 
a redirect occours instead. I don't want to use filters or anything like 
that if I can avoid it because I want it to be simple to use and I want the 
restrictions to be set in the page itself with the @page info= directive

Another thing that comes to mind, is that I assume that since service() 
simply calls _jspService(), can a browser not perform a HEAD request to a 
jsp page?

I don't particularly want to use a customised version of tomcat, even if 
the only difference is removing one "final"... is there another way to get 
around this limitation?

Cheers,
-Josh


          "He likes to run, And then the thing with the.. person..
                ... Oh boy, that monkey is going to pay."

            [ Josh 'G' McDonald ]  --  [ Pirion Systems, Brisbane]

[ 07 3257 0490 ]  --  [ 0415 784 825 ]  --  [ http://www.gfunk007.com/ ] 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message