Maintaining this list is implied by the spec, since the container (obviously/probably?) needs to remember who it has authenticated. But there's nothing that says it needs to tell anyone else about it. I'd recommend a Filter, since it's cross-container.
> -----Original Message----- > From: John MccLain [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 24, 2004 11:21 AM > To: Tomcat user list > Subject: list of authenticated users question > > > Does Tomcat store a collection of authenticated users > somewhere, or do I have to do that inside my webapp. If I do, > then can someone recommend the best place for this - i.e., a > valve, a filter, in the service() method, a listener, etc.. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
