> From: Richard Dymond [mailto:richard.dymond@(protected)]
> Subject: Tomcat 6, MyFaces, and "wrapping" static content
>
> Is there any way to place the web application's
> authentication mechanism in front of the static
> HTML, so that it's accessible only to users who
> are logged in? I've read through the tomcat
> configuration documentation

As has been stated so many times: read the servlet spec. In particular,
look at section 12, which discusses security. If you're using
declarative security, just set it up to cover all URLs for the webapp;
if you're using programmatic security, you're pretty much on your own,
since the container isn't involved. You might want to consider putting
the security in a filter in the latter case.

- Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)