tomcat-users mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	"Chris Chappell" <chr...@dive100.freeserve.co.uk>
Subject	Re: Realms and Static pages
Date	Wed, 17 Nov 2004 13:25:27 GMT
Thanks QM but I' still not sure what to do! In my web.xml I have for example (standard stuff!) <servlet> <servlet-name>Config</servlet-name> <servlet-class>org.myorg.config.Config</servlet-class> </servlet> with a mapping and security contraint. I have searched throught the web.xml options below and cannot work out which one for static html pages. Or do you you use servlet like <servlet> <servlet-name>HelpPage</servlet-name> <servlet-class>/HelpPage.html</servlet-class> </servlet> with forward slash to show root context folder. I've serached high and low on the net - all the examples (and in the TC examples) don't restrict static pages. I'm sure its easy when you know how, but .... :-) <!-- "(icon?,display-name?,description?,distributable?,context-param,filter,filter- mapping,listener,servlet,servlet-mapping,session-config?,mime-mapping,welco me-file-list?,error-page,taglib,resource-env-ref,resource-ref,security-const raint,login-config?,security-role,env-entry,ejb-ref,ejb-local-ref)". --> Chris Chappell ----- Original Message ----- From: "QM" <qm300@brandxdev.net> To: "Tomcat Users List" <tomcat-user@jakarta.apache.org> Sent: Wednesday, November 17, 2004 12:02 PM Subject: Re: Realms and Static pages > On Wed, Nov 17, 2004 at 11:34:48AM -0000, Chris Chappell wrote: > : How can I protect static pages on my Tomcat powered site with username/role + > : password information from my jdbc realm? > > Use the standard roles/auth constraints in web.xml. See the servlet > spec, or some random servlet/JSP articles/books, for details. > > > : I have some help pages under /MyContext/help. I cannot find how to put them > : under /MyContext/WEB-INF/help. > : Anybody help? (There's only a few static pages, so it would be overkill to run > : apache as well) > > Yes: don't put them under WEB-INF unless you want to write code to serve > them yourself. =) By default, files under WEB-INF are not available > for standard requests (HTTP/GET, HTTP/POST, etc). This prevents > would-be miscreants from downloading the app's code and config files. > > > -QM > > -- > > software -- http://www.brandxdev.net > tech news -- http://www.RoarNetworX.com > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org > >
Mime	Unnamed multipart/alternative (inline, None, 0 bytes) Unnamed text/plain (inline, Quoted Printable, 2486 bytes)
	View raw message