tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Context Path for a subdirectory
Date Fri, 30 Nov 2012 07:22:40 GMT
Leo Donahue - RDSA IT wrote:
> 
>> -----Original Message-----
>> From: André Warnier [mailto:aw@ice-sa.com]
>> Sent: Thursday, November 29, 2012 3:40 PM
>> To: Tomcat Users List
>> Subject: Re: Context Path for a subdirectory
>>
>> Leo Donahue - RDSA IT wrote:
>>>> -----Original Message-----
>>>> From: Mark Eggers [mailto:its_toasted@yahoo.com]
>>>> Sent: Thursday, November 29, 2012 1:12 PM
>>>> To: Tomcat Users List
>>>> Subject: Re: Context Path for a subdirectory
>>>>
>>>> On 11/29/2012 11:41 AM, Leo Donahue - RDSA IT wrote:
>>>>> Reading the docs:
>>>>> http://tomcat.apache.org/tomcat-7.0-doc/config/context.html
>>>>>
>>>>> "..The web application used to process each HTTP request is selected
>>>>> by
>>>> Catalina based on matching the longest possible prefix of the Request
>>>> URI against the context path of each defined Context."
>>>>> If I have a webapp, with a www directory, and in that www directory
>>>>> are
>>>> other directories, how would I restrict access to one of those
>>>> subdirectories to the localhost?
>>>>> webapps
>>>>>   webapp1
>>>>>    -WEB-INF
>>>>>      -classes
>>>>>      -lib
>>>>>    -www
>>>>>      -directory1
>>>>>      -directory2
>>>>>
>>>>> Is the context path of directory1:  /webapp1/directory1
>>>>>
>>>>> Would I create a context named directory1.xml such as the following?
>>>>>
>>>>> <?xml version="1.0" encoding="UTF-8"?> <Context
>>>>> antiResourceLocking="false" privileged="true"
>>>>> path="/webapp1/directory1">
>>>>>
>>>>>    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>>>>>           allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
>>>>> </Context>
>>>>>
>>>>>
>>>>> Leo
>>>> How about:
>>>>
>>>> http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html
>>>>
>>>> In particular:
>>>>
>>>>
>>>> http://tomcat.apache.org/tomcat-7.0-
>>>> doc/config/filter.html#Remote_Address_Filter
>>>>
>>>>
>>>> Although as has been discussed previously on the mailing list, the
>>>> regular expression is a bit simplistic.
>>>>
>>>> . . . . just my two cents.
>>>> /mde/
>>>>
>>> Thank you Mark.
>>>
>>> I realized the first reply I got might be why not try it, my question, which
I
>> did, and of course I had it wrong.
>>> I thought of security-constraint right after I clicked send, but the filter will
>> also work.
>>> http://planning.maricopa.gov/rest - needed to restrict access to one
>> directory of that webapp.  It's a third party app, but our data.
>> Of course you'll still have to map the filter to the correct context for directory1
>> in
>>
>> webapps
>>  webapp1
>>   -WEB-INF
>>     -classes
>>     -lib
>>   -www
>>     -directory1
>>     -directory2
>>
>>
>> <filter-mapping>
>>       <filter-name>Remote Address Filter</filter-name>
>>       <url-pattern>(??????)</url-pattern>
>>     </filter-mapping>
>>
>> and (??????) is .... ?
>>
>> ;-)
>>
> 
> Sadly, it's advertised in the help section.
> 
> http://planning.maricopa.gov/sdk/rest/gettingstarted.html  scroll to bottom of the page.
> 
> I could surgery out bullet #7 I suppose, but I'm counting on the filter to work.
> 
Ah well, that is what the user enters, which does not necessarily match the layout of your

application.
But did I misunderstand, or did you want to have the IP filter apply only to the 
subdirectory in question ?  My "trick question" was about how you would specify the 
url-pattern so that it applies only to (webapps)/webapp1/www/directory1 (and not to 
(webapps)/webapp1/www/directory2 for instance).


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message