posted 6 years ago
I found a post in JavaRanch titled "environment variable referance in Web.xml". It describes a technique where an environment variable (outside the web.xml) can be processed. This seems similar to what you want, with the one (big) change being that your SecurityFilter must "dereference" the variable. Check it out, and good luck!