But, like i said, protecting admin.html with a tomcat rule like this: <security-constraint> <web-resource-collection> <web-resource-name>Reports Browser</web-resource-name> <url-pattern>admin.html</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint>
<login-config> <auth-method>BASIC</auth-method> <realm-name>Protected Area</realm-name> </login-config> wouldn't be enough? Once i have protected my admin.html page with this, the user can't download that page without permission. Or am I missing/misunderstanding something? Nickelnext --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---