tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Hale" <mh...@rolemodelsoft.com>
Subject Security issues with tomcat-apache combo
Date Sat, 07 Apr 2001 03:04:16 GMT
Here is the situation:
	I have some webapps that I would like to require password access to.
	I can do this using the web.xml file if I only use tomcat.

The problem:
	I need to have tomcat be a plugin to apache, but when I run them together
	apache handles all requests that are not for jsp's or servlets.  This
causes
	all non jsp or servlet stuff to be unprotected.

Questions:
	Is there a way to allow tomcat to handle all requests and still be
	able to use the dynamically generated mod_jk.conf-auto file?

	Is there another better way to setup coordinate security in tomcat+apache?


Thanks in advance,

Michael Hale
RoleModel Software (www.rolemodelsoft.com) - The XP Software Studio
mhale@rolemodelsoft.com
919.557.6352


Mime
View raw message