> Speaking of the authentication dialog. Does anyone know of a way to make
> the JWS ACL routines ignore the password field?
I bypass all web server authentication, except for the simplest cases. Instead,
I put an authentication "hook" at the top of each page. I can deny or tailor
content based on HTTP authentication, session cookie, certificate, SSL
encryption strength or any combination or subset of these.
Taking fine-grain control over authentication is one of the coolest things about
servlets!
-- Charles
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
