Thank you Gary, I will check these links out. Have a happy new year. Gary Gwin <[EMAIL PROTECTED]> wrote:Lior,
It looks like you have short-circuited Tomcat's security model and created your own. We have a Tomcat Security Overview and Analysis that might be of help at: http://www.cafesoft.com/products/cams/tomcat-security.html You might also reference the security section of the the servlet JSR: http://www.jcp.org/aboutJava/communityprocess/first/jsr053/ Gary Lior Shliechkorn wrote: >Hello, > >I'm a bit confused about the whole security implementation in Tomcat. I'm using a >webapp that has a Login.html page that posts information to a servlet that queries a >database to authenticate the user. The values are then set into a bean, and each page >checks the existance of the bean in order to enter that page. > >If I want to add additional security, what would I do in the WEB.XML page in order to >have it secured by tomcat? > >Thanks, > >Lior > > > >--------------------------------- >Do you Yahoo!? >Yahoo! Mail Plus - Powerful. Affordable. Sign up now > > -- Gary Gwin http://www.cafesoft.com ***************************************************************** * * * The Cafesoft Access Management System, Cams, is security * * software that provides single sign-on authentication and * * centralized access control for Apache, Tomcat, and custom * * resources. * * * ***************************************************************** -- To unsubscribe, e-mail: For additional commands, e-mail: --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now