tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kim <...@aerodrive.com>
Subject Re: restrict per user public_html to serve static files only...
Date Wed, 27 Jun 2012 06:57:20 GMT
Hi,Andre
Thanks for the advice. I do implement a Valve class to capture all the
request before forwarding to actual web app. However, I can not know
in advance the actual url for the servlet or JSP ..
i.e. I can not know from the URI  in the Valve class that the
resources is static files or servlet ...
Regards,
Kim

2012/6/27 André Warnier <aw@ice-sa.com>:
> Kim wrote:
>
>> Hi, Dear all
>> I'm using tomcat 6.0.35 on linux CentOS 5.7 using sun jdk jdk1.5.0_11.
>> I need to enable public_html for my user but for security reason, I
>> would like restrict the functions to serve static files only.
>> Can anyone tell me how to do that ?
>> Actually I can build tomcat from src and don't mind modify the code
>> base for this specific feature.
>> Can anyone help me to point out which source file I should modify ...
>> Regards,
>> Kim
>>
>
> Modifying the Tomcat code base for this seems to me a heavy, non-portable,
> non-maintainable, non-upgradable solution.
> You could this with a very simple (*) Servlet Filter.  One may already exist
> which does that.
> I'd be surprised if you couldn't do that with, for example, the URLRewrite
> filter.
> http://www.tuckey.org/urlrewrite/
> Rewrite URLs that do not point to static pages, to some error page URL, et
> voila.
> (better : rewrite all /public_html/* URLs to the error page, /except/ if
> they end in \.(xxx|yyy|zzz))
>
>
> (*) and light and portable and maintainable and upgradable
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message