tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: security-constraint outside web.xml
Date Tue, 02 Dec 2008 15:43:00 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andre,

Andre Rubin wrote:
> Thanks Chuck but SecurityFilter does exactly the opposite of what I want:
> 
> "Security Filter is intended to be packaged within your web app,
> including your realm implementation and supporting classes. This
> allows you to deploy your app as a single, deployable unit (war file
> or expanded war directory structure) with no additional configuration
> of the server environment."
> 
> I want to manage security completely outside my app (outside the war
> file), not just outside web.xml. Maybe I wasn't clear enough on that
> regard.

If you want configuration outside of your webapp, you'll need to roll
something yourself. If I may ask, what's the danger of allowing the
webapp to configure its own security settings? Typically, the webapp
knows what's best for itself.

- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkk1V4QACgkQ9CaO5/Lv0PA5kACgnGFcGKziBy7tXTg069AeaZWk
VzgAmgJxMIlYE1aeEB9/KU31ks3LQzHS
=p8fU
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message