Hi. The "more standard way" might be to implement the Tomcat Realm interface. See http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html
You will still have to program it yourself (unless you can use the JDBCRealm), and it is still Tomcat specific - but it will let you place the database and Tomcat specific code outside your web application. Best Regards Claus Nielsen > -----Oprindelig meddelelse----- > Fra: Patrick Herber [mailto:[EMAIL PROTECTED] > Sendt: 24. august 2004 11:48 > Til: [EMAIL PROTECTED] > Emne: Custom authorization > > Hi, > > I need to implement a custom authorization for a web application, > where the > access to the different resources is defined inside a database table > with > some sort of rules, also using regular expressions. > > I would like to know if the only method to do this is > programmatically, > implementing - for example - a "SecurityFilter", which catch every > requests > or extending the service() method the default Servlet of the > application > with the necessary code or if there is another "more standard" way to > do it > (perhaps using a Tomcat Valve or something similar). > > Thanks a lot for your precious help. > Best regards > Patrick > > Patrick Herber > Z�rich (Switzerland) > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] ########################################### This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange. For more information, connect to http://www.F-Secure.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
