Hello, I have a situation where an application is accessable from outside in staging and production environment, but shouldn't be open for public in staging environment. What we did so far was, that we excluded everyone via web.xml:
<!-- security configuration --> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>my-access</role-name> </security-role> <security-constraint> <display-name>blub</display-name> <web-resource-collection> <web-resource-name>myres</web-resource-name> <url-pattern>*.html</url-pattern> </web-resource-collection> <auth-constraint> <role-name>my-access</role-name> </auth-constraint> </security-constraint> <!-- /security configuration --> Is there any possibility to make this conditional, depending on an environment property? Is there any other opportunity to achieve the same? Currently we have to kill the above lines from web.xml after each deployment and this sucks ;-( regards Leon --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org