-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stephen,
Stephen More wrote: > On 10/12/07, Christopher Schultz wrote: >> Yes, this is how to do it. If you don't want to do it yourself, you can >> use securityfilter (http://securityfilter.sourceforge.net), which has >> already been written. > > Thanks, securityfilter is a great example. Sure. Actually, this thread motivated me to start talking to the author, and I'm now a maintainer for the project. Hopefully, I'll be able to re-vamp the documentation, re-factor some code and start adding features. (!) >>> ?? - stick with container-based security and find a way to make >>> cookies for "Remember Me" work. >> I think you're out of luck, here, too. > > I think I found a way to make it work, but it is too difficult. I looked into securityfilter 2.0, and it looks like the "remember me" capability actually /is/ in there, in contrast to the documentation. It's possible that it doesn't work properly, or that it is not fully tested. > You can create your own org.apache.catalina.authenticator to look at > cookies, but it requires making changes to catalina.jar. > > I prefer to stick with war files so I will go with application based security. I agree. securityfilter is designed to provide the app-based security for you... it's supposed to live in your webapp, not in the container. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHiRW9CaO5/Lv0PARAqSiAJ0QUjk47q7YTptk7dtUUBfLJ8LAywCgkNhc 3VPT5uptLbbLeOOwC+7q4f8= =x4KD -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
