It's all defined in the servlet spec, downloadable from
http://java.sun.com/products/servlet/index.html.
Tomcat comes with a preconfigured example (examples/jsp/security)
demonstrating this.
--Jeff
On Fri, Apr 06, 2001 at 09:49:38AM +0800, [EMAIL PROTECTED] wrote:
> Hello everybody,
>
> the "problem" is that I should have some security on my site. I think of
> authentifikation by a username and password and then access rights for
> special areas of the site. so far, so good. I started looking arround. I
> know have a login form, a jsp to chaeck username and password and a bean to
> store weather the user is loged in or not. OK. but that didn't help me,
> because I have cocoon-generated html pages on my site. And as far as I know
> in html beans can not be used.
>
> What I thinkis, that you can configure tomcat to check those security
> things. I've been to the faq but the security section is empty, i've read
> the userguide many times but this points I couldn't find. So the questions
> are:
>
> 1.) How to set up (for example) basic security in tomcat?
>
> 2.) Do I need my own login forms, and how would they work together with
> tomcat?
>
> 3.) Do I have to check somewhere if a user is loged on?
>
> 4.) Is there any FAQ or Tutorial about webserver security?
>
> so thanks for reading this, feel free to answer,
>
> Sascha
>
