tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Engelbrecht" <dbre...@transmed.co.za>
Subject RE: Security
Date Thu, 13 Jul 2000 11:32:28 GMT
Hi Ben

Thanks, now it's working !!

One question:

Say for intance I have three files in /david/web directory called

index.jsp
qRequest.jsp
response.jsp

and index.jsp is the only file they may access. How can I forbid them to
access the other two ?

Thanks

David
  -----Original Message-----
  From: Ben Kelley [mailto:ben_kelley@ubsw.com]
  Sent: Thursday, July 13, 2000 1:11 PM
  To: tomcat-user@jakarta.apache.org
  Subject: Re: Security


  Hi.

  Try using <Location> rather than <Directory>.

  e.g.
  <Location /david/WEB-INF>
  Options Indexes FollowSymLinks
  AllowOverride None
  Order allow,deny
  deny from all
  </Location>

         - Ben Kelley.

  ----- Original Message -----
    From: David Engelbrecht
    To: Tomcat
    Sent: Thursday, July 13, 2000 12:06 PM
    Subject: Security


    [...]

    Is there anyone out the that can give me a few tips on security in
Tomcat.

    The following method is not working:

    <Directory "c:\tomcat\webapps\david\web-inf">
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    deny from all
    </Directory>


Mime
View raw message