On Wed, 19 Jan 2005 21:54:48 +0900, Sylvain ~ <[EMAIL PROTECTED]> wrote: > I'm working on a simple application which requires very simple > security as given there is only 3 kind of users : anonymous, users and > admin. > > For portability issues, I don't want to use Tomcat's security system.
Tomcat doesn't have a tomcat specific security mechanism. They use the one specified by the JSP/Servlet spec. > > I think using JAAS or securityFilter for a such simple application > would create more problems than it would solve, so I firstly decided > to implement a security feature with a jsp tag that I'll include in my > webpages. Not really, as you found out putting pages together is a bit tricky. Security filter is much easier, and using the JSP/Servlet security even easier. JAAS is usually wrapped by a Security Filter, and Tomcat has a JAAS plugin to implement the standard security. > > The tag is similar to the one provided as an example of struts : checkLogon > > It was working well with the firsts drafts of my application, but > since I use Tiles I can't perform any redirect with this tag, I just > get a blank page where the protected page should take place. > > The page access is protected well, but what should I do if I want to > have a "403 page" instead of just displaying the page ? > > Any Idea would be appreciated. > Sylvain. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
