On Tuesday 24 July 2007 15:14:09 Caldarale, Charles R wrote:
> As has been stated so many times: read the servlet spec. In particular,
> look at section 12, which discusses security. If you're using
> declarative security, just set it up to cover all URLs for the webapp;

Section 12 doesn't seem relevant to my situation, since the authentication
mechanism is buried in the application.

> if you're using programmatic security, you're pretty much on your own,
> since the container isn't involved. You might want to consider putting
> the security in a filter in the latter case.

Using a servlet filter looks promising, though; thanks for the tip.
--
Richard

---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)