On Tue, 2016-02-16 at 14:31 -0500, Christopher Schultz wrote: > On 2/16/16 11:50 AM, Dougherty, Gregory T., M.S. wrote: > > I completely and totally trust my servlet with my data. I do not > > in the least bit trust any other servlet running on that Tomcat > > instance. > > Then those servlets shouldn't be deployed into the same application. > Possibly not even within the same JVM. But okay, let's ignore that > lack of safety for the time being. We're ignoring all kinds of other > things as well, so one more doesn't matter. >
If I may interject: I think part of the problem here is the OP is using "servlet" and "webapp" interchangably. He originally used the term webapp but then switched to servlet around the time he laid out this authentication solution. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
