tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: WebdavServlet
Date Sun, 01 Jul 2007 17:07:35 GMT
> From: Robert J. Carr [mailto:rjcarr@gmail.com] 
> Subject: Re: WebdavServlet
> 
> > Mapping it to /edit/* allows the content to be exposed at an
> > alternative url.
> 
> Sure, but the content exposed would still be the "whole of 
> the webapp", right?

Yes - allowing appropriately privileged users access.

> > The idea is that normal users access /your-app/*, a
> > system admin can edit contant via /your-app/edit/*.
> 
> Not following what a system admin has to do with anything.

Substitute "privileged user" for "system admin", and control who is
privileged via <security-constraint> elements in your web.xml file.
Constraints can be placed on sub-paths of "edit", as well as "edit"
itself, to segregate just who has webdav access to what portions of the
webapp.

> The 'edit' folder would just be implied ... both "normal users"
> and "system admin" would still be exposed to the whole of the
> webapp, right?

Correct, but only those allowed to use the "edit" path could run the
webdav servlet.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message