in web.xml for the manager app, force it to use SSL, that way the only way to connect into it is over SSL and you are good to go, even with basic authentication
Filip ----- Original Message ----- From: "Adam Hardy" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Friday, September 19, 2003 10:43 AM Subject: manager/html app Is there a way to configure the manager app to use form-based or digest authentication so I can use SSL to encrypt the login? As I understand it, with basic authentication the passwords are sent in plain text across the net, allowing them to be snooped out from caches and logs. I've no experience of this, so any comments would be appreciated. Thanks Adam -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
