From: Christopher Schultz
To: Tomcat Users List
Date: Mon, 20 Sep 2010 15:37:24 -0400
Subject: Re: Howto: call a Servlet from another Servlet (Example)?!

Leo,

On 9/20/2010 3:05 PM, Leo Donahue - PLANDEVX wrote:
> Chris,
>
>> -----Original Message----- From: Christopher Schultz
>> [mailto:chris@christopherschultz.net] Subject: Re: Howto: call a
>> Servlet from another Servlet (Example)?!
>>
> From my reading, the OP is doing his own authentication rather
> than using container-managed authentication.
>
> -chris
> I thought rolling your own authentication, rather than using
> container-managed security for authentication, is a bad idea? Is
> that just rhetoric?

That's a matter of perspective. I'd recommend using container-managed
authentication and authorization to pretty much everybody. Or, failing
that, at least use a library meant for doing such things, like ACEGI or
securityfilter: the folks in charge of those projects have taken care to
be spec-compliant (to the extent possible and/or desired) and properly
test their products to ensure that they are safe.

Rolling your own authentication mechanism often leads to an insecure
system. It's also usually not necessary: container-managed security
works very well for most people, and the new servlet 3.0 changes to
authentication even (I believe) allow the webapp to request
authentication under certain other circumstances.

-chris