tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Watts <...@cliftonfarm.org>
Subject Re: Session expiration - browser -Web application
Date Fri, 04 Nov 2011 19:16:55 GMT
On Fri, 2011-11-04 at 13:07 -0400, Christopher Schultz wrote:
> On 11/4/11 12:04 PM, Léa Massiot wrote:

<SNIP>

I would basically echo what Chris said.

> >> [Tim wrote:] I'm assuming (perhaps incorrectly) you've already
> >> got some declaration in there for form authentication?
> > What are you thinking about? Can you be more precise?
> 
"Form authentication" is part of the servlet spec.  The spec is quite
precise and fairly accessible reading.  As Chris said, read the sections
on authentication and authorization.  Trust me, you'll be glad you read
it.  The servlet 2.5 spec is here:

http://download.oracle.com/otn-pub/jcp/servlet-2.5-mrel2-eval-oth-JSpec/servlet-2_5-mrel2-spec.pdf


> If users are logging-into your webapp, presumably they are providing a
> username and password (or other credentials): where do you have that
> configured?
> 
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iEYEARECAAYFAk60G7QACgkQ9CaO5/Lv0PDIlACgoqsUbBg77GjOYVIbSfkAMbQW
> I7AAoIXZVd5nMgT4v8fUeXnQTqcpJLmA
> =IxaF
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message