Hi Yoav Shapira, Thanks for the reply. I know my question is client based, but I thought the web.xml might have an option to specify target="_self" or something similar, for the login.jsp (that should be theoretically poss.?) woops.
as regards mailing list, I have v. little xp with lists (at all) , and am not honestly sure how they work. I joined the list <[EMAIL PROTECTED]> because I thought then I would get an email to which I could post to (this email was not in this list either as far as I could see). In addition on this Tomcat website about mailing lists http://jakarta.apache.org/site/mail2.html#Tomcat I could not find reference to [EMAIL PROTECTED] Do I need to be registered (somehow- either digest or high traffic) to post questions to this list? regards Ben -----Urspr�ngliche Nachricht----- Von: Shapira, Yoav [mailto:[EMAIL PROTECTED] Gesendet: Montag, 17. Mai 2004 15:25 An: Tomcat Users List; [EMAIL PROTECTED] Betreff: RE: Tomcat security Hi, The declarative security options offered by the Servlet Specification, those you refer to as the "integrated security options," have no understanding of the client side, i.e. the browser. There is no concept of frame or browser, so you can't do what you're asking for with these declarative security directives. As to finding the mailing list: I'm troubled that you found that so difficult. Links to the mailing list are on the top apache page (www.apache.org), top jakarta page (jakarta.apache.org), top tomcat page (jakarta.apache.org/tomcat), both the binary and source apache download pages (http://jakarta.apache.org/site/binindex.cgi, and http://jakarta.apache.org/site/sourceindex.cgi), the jakarta contact us page (http://jakarta.apache.org/site/contact.html), the home page of a new tomcat installation (webapps/ROOT/index.jsp), and many other locations. Where did you look or what made it difficult to find? Yoav Shapira Millennium Research Informatics >-----Original Message----- >From: Ben Bookey [mailto:[EMAIL PROTECTED] >Sent: Monday, May 17, 2004 9:12 AM >To: [EMAIL PROTECTED] >Subject: Tomcat security > > >Dear List, >I am using tomcats integrated security options, available inside the >web.xml >(see below). When ever the session times out and the user makes a request >for a html/or jsp page within this protected context, appears the login.jsp >page. My problem is that my app uses frames, and when the user makes a >request from a sub-frame the login page shows in this sub-frame window. Is >there a simple way to configure in the web.xml, that the login.jsp page >always is shown >in the parent frame of the browser or document, so causing the whole window >to be reloaded. I guess there isnt and I must do some jscript, or fiddle >around >with html. I would be extremely impressed if there would be a web.xml >solution. > >regards >BB >p.s. It was very hard to find as Newbie, the email address to post this >mail >to!! > >+-------------------------------------------------------------------+ >| GIStec GmbH - Ihr Partner f�r GIS - Technologie | >| | >| Ben Bookey | >| [EMAIL PROTECTED] Fraunhoferstra�e 5 | >| Tel 0 61 51 / 155 - 254 D-64283 Darmstadt | >| Fax 0 61 51 / 155 - 259 http://www.gistec-online.de | >| | >| http://www.ingeoic.de http://www.geo-watermarking.de | >+-------------------------------------------------------------------+ > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
