tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: making security constraints configureable
Date Mon, 07 Nov 2011 03:30:49 GMT
2011/11/3 Leon Rosenberg <rosenberg.leon@gmail.com>:
> I have a situation where an application is accessable from outside in
> staging and production environment, but shouldn't be open for public
> in staging environment.

Put it behind Apache HTTPD (or any other proxy) and let HTTPD handle
authentication & authorization instead of Tomcat.

I'd advise against using BASIC auth in public internet, unless the
channel is protected with HTTPS.

> What we did so far was, that we excluded everyone via web.xml:
>

You can automate the above. If you pack your war file using Ant, you
can use <replaceregexp> task.

Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message