tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bernhard Slominski <bernhard.slomin...@zooplus.com>
Subject AW: Deny access to a JSP page
Date Wed, 02 Feb 2005 13:35:57 GMT
Hi,

I think the easiest way is to add a security contsraint in you web.xml of
you web application:

<web app...>
   <security-contraint>
      <web-resources-collection>
     	   <web-resource-name>Test</web-resource-name>
         <url-pattern>/myjsps/*</url-pattern>
      </web-resources-collection>
      <auth-contsraint/>
  <security-contraint>
...

</web app>

this will block all reuqests to the folder /myjsps
You can also block certain http methods or allow access th certain users,
check the spec for more details.

Cheers

Bernhard

-----Urspr√ľngliche Nachricht-----
Von: apuerta.foros [mailto:apuerta.foros@renr.es]
Gesendet: Dienstag, 1. Februar 2005 20:23
An: tomcat-user@jakarta.apache.org
Betreff: Deny access to a JSP page



 Hi all.

 I'd like Tomcat to deny access to some JSPs with internal information.

 I can configure Apache to deny access depending on the user IP,
transparently.
 
 I'd like to do the same in Tomcat, but i don't now how.

 Any idea? Thanks.




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message