tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Torsten Römer <torsten.roe...@luniks.net>
Subject Re: AW: Container Managed Security and mod_jk/Static Contents
Date Sun, 19 Jun 2005 00:15:30 GMT
If I use htaccess, is the user not going to be prompted an 
authentication dialog? That would be not so nice, if the user has 
already completed the form based authentication, and then has to 
authenticate for htaccess as well.

I guess what I want to do is simply not possible and doesn't make sense. 
If Tomcat is "bypassed" by Apache for static content, how should it 
handle security for these requests.

Edao, Aliye schrieb:
> Hi,
> 
> Why don`t you use Apache to protect your static contents?? 
> You might want to use .htaccess ??
> 
> http://www.csoft.net/docs/micro/htaccess.html.en
> 
> 
> ************************************
> Mit freundlichem Gruß / kind regards
> 
> Dr. Aliye Edao 		
>  
> 
> -----Ursprüngliche Nachricht-----
> Von: Torsten Römer [mailto:torsten.roemer@luniks.net] 
> Gesendet: Freitag, 17. Juni 2005 00:42
> An: Tomcat Users List
> Betreff: Container Managed Security and mod_jk/Static Contents
> 
> 
> Hello!
> 
> In order to improve performance for static contents I have setup Apache
> with mod_jk. Now only Struts' *.do requests are served by Tomcat, the
> rest is done by Apache. Works fine.
> 
> Now I want to restrict access to some resources using using container
> managed security. That also works fine, but, and that is now my question:
> 
> I also want to protect static contents, but that won't work with
> container managed security, because these requests are handled by Apache
> and don't even make it to Tomcat. Of course I could just mount the
> contents to be protected to Tomcat, but then I'll lose the performance
> advantage of having them served by Apache.
> 
> Do I have to live with that or do I have a stupid setup?
> 
> Torsten
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message