I'm using the Google Web Toolkit (GWT) inside Eclipse to develop web applications that require a secure SSL connection. Normally (as in when writing non-GWT web applications) I would simply include a security-constraint in web.xml and be done with it. I added a self-signed certificate to the built-in Tomcat and simply told my browser to accept it and I could do my development simulating the production environment. However, working with GWT, you do your development work in hosted mode and not using a real browser and hosted mode does not like SSL. Right now, I'm simply commenting out the security-constraint in web.xml and hopefully remembering to uncomment it either when I build the war file or after I move the application o the production server. Either way, the odds that I forget that step are pretty good.
Do you know of anyway out of this predicament? Is there anyway, for example, that I can globally add a security-constraint in Tomcat, perhaps in server.xml?