tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Apache filters?
Date Fri, 04 Nov 2005 10:30:45 GMT
Hi Bruno,

I think that is the sort of thing I need. That sounds
pretty much equivelent to the Tomcat Filter.
Credentials will be stored on a database so fairly
easy to hook into.

I'm not sure what you mean by security boundary but
each request for a resource under the remit of Apache
will be individually authorised.

Presumably Apache must be used to lock down resources
based on dynamic things such as: - numbers of use of a
resource, or - time-based. Is this what you can add
with that mod? I wonder if there is anything
opensource out there.

Thanks alot Bruno. If you have any more details, that
would be great. 

--- Bruno Georges <> wrote:

> Alex 
> There many approach to this, the first one that come
> to mind is mod-rewrite parsing the request and apply
> some processing if there is a match..
> Where do you store credentials? LDAP?
> Where is the security boundary in your design?
> Hope this helps
> Bruno Georges
> Glencore International AG
> Tel. +41 41 709 3204
> Fax +41 41 709 3000
> ----- Original Message -----
> From: ALEX HYDE []
> Sent: 04.11.2005 00:40
> To:
> Subject: Apache filters?
> Hi all,
> I am using Tomcat to serve up my image content. I
> was considering moving this static content to Apache
> itself but I'm stuck on how to do dynamic
> authorisation of a directory in Apache. In Tomcat I
> can restrict access to the images directory by
> adding a filter and in this filter dynamically
> checking for a valid security pin in the url. But
> how would I do such a thing in Apache? I know Apache
> can do it based on user or requesting machine but
> this is more dynamic.
> Cheers alot
> Alex
> ---------------------------------
> To help you stay safe and secure online, we've
> developed the all new Yahoo! Security Centre.
> LEGAL DISCLAIMER. The contents of this e-mail and
> any attachments are strictly
> confidential and they may not be used or disclosed
> by someone who is not a
> named recipient.
> If you have received this email in error please
> notify the sender by replying
> to this email inserting the word "misdirected" as
> the message and delete this
> e-mail from your system.

To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message