Return-Path: 
 <tomcat-user-return-120588-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org
Received: (qmail 74505 invoked from network); 2 Feb 2005 13:36:32 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur-2.apache.org with SMTP; 2 Feb 2005 13:36:32 -0000
Received: (qmail 16949 invoked by uid 500); 2 Feb 2005 13:36:10 -0000
Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org
Received: (qmail 16556 invoked by uid 500); 2 Feb 2005 13:36:07 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-user-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 16396 invoked by uid 99); 2 Feb 2005 13:36:06 -0000
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received-SPF: pass (hermes.apache.org: local policy)
Received: from mail.zooplus.de (HELO mail.zooplus.de) (212.18.25.230)
  by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 02 Feb 2005 05:36:05 -0800
Received: from exchange2.home.zooplus.de (unknown [192.168.10.72])
	by mail.zooplus.de (Postfix) with ESMTP id C432157613
	for <tomcat-user@jakarta.apache.org>; Wed,  2 Feb 2005 14:36:01 +0100 (CET)
Received: by exchange2.home.zooplus.de with Internet Mail Service
 (5.5.2657.72)
	id <D0APT66T>; Wed, 2 Feb 2005 14:36:01 +0100
Message-ID: 
 <10361639FF4CA04ABB30F54683E4FB85020B0EB4@exchange2.home.zooplus.de>
From: Bernhard Slominski <bernhard.slominski@zooplus.com>
To: 'Tomcat Users List' <tomcat-user@jakarta.apache.org>
Subject: AW: Deny access to a JSP page
Date: Wed, 2 Feb 2005 14:35:57 +0100 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2657.72)
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Virus-Checked: Checked
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Hi,

I think the easiest way is to add a security contsraint in you web.xml =
of
you web application:

<web app...>
   <security-contraint>
      <web-resources-collection>
     	   <web-resource-name>Test</web-resource-name>
         <url-pattern>/myjsps/*</url-pattern>
      </web-resources-collection>
      <auth-contsraint/>
  <security-contraint>
...

</web app>

this will block all reuqests to the folder /myjsps
You can also block certain http methods or allow access th certain =
users,
check the spec for more details.

Cheers

Bernhard

-----Urspr=FCngliche Nachricht-----
Von: apuerta.foros [mailto:apuerta.foros@renr.es]
Gesendet: Dienstag, 1. Februar 2005 20:23
An: tomcat-user@jakarta.apache.org
Betreff: Deny access to a JSP page



 Hi all.

 I'd like Tomcat to deny access to some JSPs with internal information.

 I can configure Apache to deny access depending on the user IP,
transparently.
=20
 I'd like to do the same in Tomcat, but i don't now how.

 Any idea? Thanks.




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org