chanoch<p><a href="http://www.amazon.com/exec/obidos/ASIN/1861007736/" target="_blank" rel="nofollow">Author of Professional Apache Tomcat</a></p>
chanoch<p><a href="http://www.amazon.com/exec/obidos/ASIN/1861007736/" target="_blank" rel="nofollow">Author of Professional Apache Tomcat</a></p>
Ashik Uzzaman
Director of Engineering, Twin Health, Mountain View, CA, USA
Originally posted by chanoch wiggers:
why avoid basic? form is no more secure since they both pass the username and password in plain text to the servlet.
also, you dont have to use the tomcat-users.xml file = tomcat has a JDBC Realm that allows you to authenticate against the details in the db.
Don't get me started about those stupid light bulbs. |