tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Basic and Form Authentication
Date Mon, 30 Nov 2009 10:29:23 GMT
Anthony Jay wrote:
> Hi,
>   Is is possible to have an application that serves content protected by
>   BASIC and FORM based auth?
> i.e.
> JSP protected by FORM
> Servlets that process XML use http BASIC?
There is a rather extensive description available here :

and it also points you to the relevant section of the Servlet 
Specification (2.4 or 2.5), section SRV 12.1 and following.

 From reading it in diagonals, to me it seems possible to do that, if 
the URLs for the two types of "servlets" above can be distinguished.
But you may want to wait for a more authoritative answer than mine.

The above is all about container-based security.
There is another "philosophy" available, namely servlet-filter based 
security, which may do what you want.
The expert on that is Christopher, who will be having a look here in a 
few hours.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message