Anybody have any idea where to find some more comprehensive doc on tomcat?

[Christopher Chan <fe...@netfront.net>]

Can anybody please tell me where I can more information on the security constraint configuration?

I want to let http methods get and post in without user authentication but I want to restrict options, propfind, head, put and other webdav methods to authenticated users only.

I mean, if I just use a security constraint without the http methods, everybody has to login even if they are browsing and not using webdav.

I have tried restricting the webdav methods but that just pops an error on the client side. The client apparently cannot attempt to login...

Any ideas please?

Christopher