You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Varrun Ramani <va...@gmail.com> on 2012/07/02 19:34:07 UTC
tomcat filters
Hi
I am in the process developing a web application firewall(WAF) for
tomcat similar to what mod security does, and am planning to use the
filter API already present in tomcat to intercept requests and do the
filtering. Are there any existing efforts at doing this for tomcat?
Thanks,
Varrun
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat filters
Posted by Pid * <pi...@pidster.com>.
On 5 Jul 2012, at 01:51, Christopher Schultz
<ch...@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Pid,
>
> On 7/2/12 6:15 PM, Pid wrote:
>> On 02/07/2012 18:34, Varrun Ramani wrote:
>>> Hi
>>>
>>> I am in the process developing a web application firewall(WAF)
>>> for tomcat similar to what mod security does, and am planning to
>>> use the filter API already present in tomcat to intercept
>>> requests and do the filtering. Are there any existing efforts at
>>> doing this for tomcat?
>>
>> Quite a few yes. Acegi Security (now called Spring Security) for
>> example.
>
> Forgive my ignorance, for I've never used Spring [anything]... does
> ACEGI/SpringSecurity provide features like mod_security, or is it a
> replacement for container-managed J2EE security (or both)?
Bit of both and more.
p
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk/05PUACgkQ9CaO5/Lv0PCYYgCgt0kEVBouJW+C82IdECGowzw/
> ghsAoJJuzr2+9PqGrmWuHqO+anyPUPCP
> =szuF
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat filters
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pid,
On 7/2/12 6:15 PM, Pid wrote:
> On 02/07/2012 18:34, Varrun Ramani wrote:
>> Hi
>>
>> I am in the process developing a web application firewall(WAF)
>> for tomcat similar to what mod security does, and am planning to
>> use the filter API already present in tomcat to intercept
>> requests and do the filtering. Are there any existing efforts at
>> doing this for tomcat?
>
> Quite a few yes. Acegi Security (now called Spring Security) for
> example.
Forgive my ignorance, for I've never used Spring [anything]... does
ACEGI/SpringSecurity provide features like mod_security, or is it a
replacement for container-managed J2EE security (or both)?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk/05PUACgkQ9CaO5/Lv0PCYYgCgt0kEVBouJW+C82IdECGowzw/
ghsAoJJuzr2+9PqGrmWuHqO+anyPUPCP
=szuF
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat filters
Posted by Pid <pi...@pidster.com>.
On 02/07/2012 18:34, Varrun Ramani wrote:
> Hi
>
> I am in the process developing a web application firewall(WAF) for
> tomcat similar to what mod security does, and am planning to use the
> filter API already present in tomcat to intercept requests and do the
> filtering. Are there any existing efforts at doing this for tomcat?
Quite a few yes. Acegi Security (now called Spring Security) for example.
p
> Thanks,
> Varrun
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
[key:62590808]