From tomcat-user-return-124906-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org Wed Apr 13 21:33:34 2005 Return-Path: Delivered-To: apmail-jakarta-tomcat-user-archive@www.apache.org Received: (qmail 38577 invoked from network); 13 Apr 2005 21:33:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 13 Apr 2005 21:33:34 -0000 Received: (qmail 38922 invoked by uid 500); 13 Apr 2005 21:32:59 -0000 Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org Received: (qmail 38853 invoked by uid 500); 13 Apr 2005 21:32:58 -0000 Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Users List" Reply-To: "Tomcat Users List" Delivered-To: mailing list tomcat-user@jakarta.apache.org Received: (qmail 38722 invoked by uid 99); 13 Apr 2005 21:32:58 -0000 X-ASF-Spam-Status: No, hits=0.4 required=10.0 tests=DNS_FROM_RFC_ABUSE X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from SCIDUBSMTP02.stercomm.com (HELO scidubsmtp02.stercomm.com) (209.95.240.130) by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 13 Apr 2005 14:32:56 -0700 Received: from scidalmsg01.sci.local (Not Verified[10.20.32.47]) by scidubsmtp02.stercomm.com with NetIQ MailMarshal (v5.5.6.7) id ; Wed, 13 Apr 2005 17:32:54 -0400 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: How do I restrict access to webapps applications from browser users? Date: Wed, 13 Apr 2005 16:32:53 -0500 Message-ID: <3D4B9DB9860D18419C7D6B393C7F439808878C3D@SCIDALMSG01.sci.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: How do I restrict access to webapps applications from browser users? Thread-Index: AcVAb7ilFsb0ypfSSBKm/QpHZd1JuQAAXX9g From: "Ikonne, Ike" To: "Tomcat Users List" , "Jason Bainbridge" X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Hi Jason, It is more like the last thing you listed below. I know that when = fronted with Apache, that can be done, I thought tomcat had similar directory control = that=20 apache has without having to setup security constraints. You basically = nailed it, I may have to tell my clients to just front tomcat with Apache. Again, thanks for your response -----Original Message----- From: Jason Bainbridge [mailto:jbainbridge@gmail.com] Sent: Wednesday, April 13, 2005 4:27 PM To: Tomcat Users List Subject: Re: How do I restrict access to webapps applications from browser users? On 4/13/05, Ikonne, Ike wrote: > Hi Darryl, >=20 > Thanks, I thought there was another way to do it other than setting up > security constraints and making users to get the signon page that is > associated with this. >=20 Maybe you need to describe what you are actually trying to achieve by this setup. Are you trying to make it so the content can only be streamed from a JSP/servlet and not accessed directly via the web? (Often done for images and confidential stuff like documents etc) or Are you trying to lock certain users out of certain directories? If you are trying to protect static content you might be best off using Apache and utilising .htaccess files but it all depends what you are trying to do... Regards, --=20 Jason Bainbridge http://kde.org - webmaster@kde.org Personal Site - http://jasonbainbridge.com --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-user-help@jakarta.apache.org