Howdy, No, you're not right. The two provide different views of security. Httpd.conf controls apache, not tomcat, and does nothing to prevent, for example, the execution of malicious applets. Catalina.policy or whatever you want to call the policy file is used by the JVM security manager to enforce its policies, including for example applet sandboxing. If you're not clear what the security manager does, read up the JDK documentation for it.
If should use them both if you're concerned about security. Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >Sent: Tuesday, August 26, 2003 12:14 AM >To: [EMAIL PROTECTED] >Subject: No need for catalina.policy? > >Hi >Please tell me once more. >Am I right in assumng that I don't really need catalina.policy if I use >httpd.conf to control access ? >If t, how do they interact ? >TIA :-) This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
