tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Multiple Authentication Methods?
Date Wed, 14 May 2008 14:14:59 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eric,

Robinson, Eric wrote:
| I'm too lazy for all that.

:)

Laziness and authentication are never a good combination.

| I was hoping it would amount a few extra lines in some configuration
| file. Now I'm thinking I'll figure out a way to lock it down in group
| policy or with some changes to the proxy server.

If it's acceptable to have different URLs for the "special" IP-only
users, then you could simply map different URLs to certain resources (or
all of them) and then apply security constraints differently to each set
of URL mappings.

If you're willing to have different URLs, you could also just deploy two
separate copies of your webapp -- one with authentication turned on and
the other disabled, but with a RemoteAddressFilter on all URLs.

Just a few ideas...

- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkgq8+MACgkQ9CaO5/Lv0PCFtACgg5aPqwrmdAc0vvBon8oEKFvA
oIsAoMA9kRHduwcADZh/axCVWpdRora9
=DNNH
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message