Peter Flynn wrote:
I don't know if Kerem Erkan was talking about exploits, but I have
looked for some facility in Tomcat equivalent to Apache .htaccess
files and failed to find any mention of them. Is it possible to do
this kind of IP-level or simple username/password restriction in
Tomcat?
I'm not aware of anything directly analogous to .htaccess, but you
can certainly accomplish the same goals in other ways. Take a look
at SRV.6 (Filtering) and SRV.12 (Security) of the Servlet spec.
HTH,
--
Hassan Schroeder ----------------------------- [EMAIL PROTECTED]
Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com
dream. code.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]