tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Worsley <>
Subject How to forward to protected files?
Date Wed, 10 May 2000 07:05:41 GMT

   This mailing list seems to be a mostly problem reporting forum as I
   haven't received any answers back. So I will ask a again a more specific

   I am using apache with mod_ssl -> tomcat. I want to forward requests to
   some pages but not want to force each page to authenticate the request.
   Specifically if I can forward the request to an internal hidden page
   that's not accessible from the webserver that's fine.

   But my reading of the documentation is that URLs are mapped as per normal
   requests so this can never happen under servlet 2.2 spec. Ugh!

   I tried to use apache restrictions <Location> <Directory> directives in
   the vague hope I could stop requests at apache before they are forwarded
   to tomcat with mixed results.

     <Directory> has no effect.

     <Location> only works if I restrict the whole context!

     Yet the tomcat.conf file implies that something along these lines are
     required to restrict the WEB-INF directory???

# ApJservMount /CONTEXT/servlet  /root
# <Location /CONTEXT/WEB-INF/ >
#      AllowOverride None
#      deny from all
# </Location>

	Has anyone gotten this to work?

		Thanks in advance.



View raw message