tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maurice Yarrow <>
Subject Re: Tomcat Security
Date Sat, 28 Oct 2006 21:07:31 GMT
Chris, Chuck

Yes, Chris: the below is the case exactly:
(Actually, galleries - and consequently their included
images and documents are authenticated, not specific images.)

So what I would like to know how to do is how to programmatically
bypass web.xml-based authorization and impose this authorization
on a access-case-by-case but take advantage of applying
the induced security contraint  to any URL pattern desired (Chuck's
wording)  ?


Christopher Schultz wrote:

>Well, he did say that the user can choose arbitrarily what the
>authorization rules were. I would imagine that includes changing it on
>the fly. Changing the URL on the fly based upon the authorization rules
>would be very awkward. It was also unclear if the "passworded" images
>meant that a user must login and be recognized, or there is a specific
>password on each image. The latter would prohibit web.xml-based

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message