tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rashmi Rubdi <dev_subscripti...@yahoo.com>
Subject Re: How to password protect a directory?
Date Tue, 05 Dec 2006 15:54:35 GMT
With Tomcat you can also use a URL Rewrite Filter to transparently (HTTP 200) redirect requests
to the protected folder 
to a HTTP 403 status or a password required page.

But I can't gurantee if URL Rewriting makes the directory fully secure.

----- Original Message ----
From: David Delbecq <delbd@oma.be>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Tuesday, December 5, 2006 5:58:53 AM
Subject: Re: How to password protect a directory?


Mikolaj Rydzewski a écrit :
> Hi,
>
> I have several directories mapped to my Tomcat instance with
> context.xml like this:
>
> <?xml version="1.0" encoding="ISO-8859-2"?>
> <Context
>        cookies="false"
>        docBase="/home/stats/some_dir"
>        path="/stats"
> />
>
> There're only html files there. No JSP, servlets, and of course no
> WEB-INF. How can I password protect those directories (or webapps)? Do
> I have to create appropriate WEB-INF/web.xml and security constraints?
> Or is there any simpler solution?
>
Only static resources? Yes, there is a simpler solution, don't use
tomcat, use an apache web server and a .htaccess file.

If you really need tomcat, yes, a web.xml is highly recommanded then.


 
____________________________________________________________________________________
Cheap talk?
Check out Yahoo! Messenger's low PC-to-Phone call rates.
http://voice.yahoo.com

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message