tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abraham Fathman" <afath...@one.net>
Subject RE: More complex security-constraint options
Date Sun, 05 May 2002 05:04:05 GMT
Joel,

You could:

A) Setup a servlet that just included this jsp's. 
B) I don't know if this would work but list the other jsp's in a
separate security-constraint giving everyone access to these jsps... (I
don't know if this is possible - I would do A - it better follows
MVC...)

-----Original Message-----
From: Joel Baker [mailto:news@news.jb21.net] 
Sent: Sunday, May 05, 2002 12:55 AM
To: tomcat-user@jakarta.apache.org
Subject: Re: More complex security-constraint options


I want to restrict all of /*.jsp except a few jsp files that are used
for logging on and such. I currently have a security-constraint doing
this (restricting access to
*.jsp) but of course I can't find any way of allowing the few jsps I
want to publically allow.

Joel.

""Abraham Fathman"" <afathman@one.net> wrote in message
news:<013c01c1f3ec$2bc49720$8a56e20a@pcg>...
| Joel,
|
| Setup a <security-contraint> in the web.xml that includes the url that

| you want to restrict.
|
|
| -----Original Message-----
| From: Joel Baker [mailto:news@news.jb21.net]
| Sent: Saturday, May 04, 2002 10:24 PM
| To: tomcat-user@jakarta.apache.org
| Subject: More complex security-constraint options
|
|
| Hi all,
|
| I'm trying to create a web application that imposes a security 
| constraint on all but a few of the JSP pages. I don't want to split up

| the application putting the non-public stuff in a private directory 
| and only applying the security-constraint to this, as this isn't as 
| elegant as the solution I would ideally like as I want the root of the

| webapp to be the root for a logged in user, not for them to go to some

| directory within the webapp.
|
| Basically, is there a way to refine the security constraints 
| url-pattern tag to allow excluding certain files or directories?
|
| Thanks in advance,
|
| Joel Baker.
|
|
| --
| To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
| For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
| Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
|
|


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message