You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2003/10/13 08:56:04 UTC

DO NOT REPLY [Bug 23759] - allow web.xml security-constraint to restrict by request-origin-host or used-port

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23759

allow web.xml security-constraint  to restrict by request-origin-host or used-port

william.barker@wilshire.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From william.barker@wilshire.com  2003-10-13 06:56 -------
What can be specified in a security-constraint is determined by the JCP, not 
Tomcat.  The place to suggest this is servletapi-feedback@eng.sun.com (where it 
may or may not be considered for Servlet 2.4).

In the meantime, consider using the RemoteAddrValve.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org