I'm developing a jsp based application using Tomcat, and need to implement security as some of the information and functions in the application are sensitive for different users. In the mailing list, I've seen references to setting up security in web.xml (but the section in the Tomcat manual on security doesn't seem to have been written yet), and I've seen several references to extending the HttpServlet class, but without much detail. If possible, I don't want to invent my own approach - can anyone point me at some examples, or documentation on implementing a security model with Tomcat? Thanks, Tim ******************************************************************** This e-mail is intended only for the addressee named above. As this e-mail may contain confidential or privileged information, if you are not the named addressee, you are not authorised to retain, read, copy or disseminate this message or any part of it. ********************************************************************
