tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Leo Donahue - RDSA IT <LeoDona...@mail.maricopa.gov>
Subject RE: Context Path for a subdirectory
Date Mon, 03 Dec 2012 22:54:10 GMT
_______________________________________
From: Christopher Schultz [chris@christopherschultz.net]
Sent: Friday, November 30, 2012 8:13 PM
To: Tomcat Users List
Subject: Re: Context Path for a subdirectory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leo,

On 11/30/12 5:52 PM, Leo Donahue - RDSA IT wrote:
> Ok, so before I upgraded to Tomcat 7.0.33 to use the container
> supplied remote address filter, what were my options to restrict
> access to just a subdirectory of a web app in Tomcat 6.0.35?

Please remember that you aren't protecting a directory. Ever. You are
protecting a url-pattern and nothing more. 
- -chris

1st, sorry for the format, I'm on vacation and webmail doesn't format replies the way I'd
like.
(sorry chuck, not taking your advice from before on getting out more.  maybe tomorrow...)

I have heard this before, and now I'm beginning to understand why I keep hearing this same
comment.  I now realize my choice of words in describing what I was trying to do leads to
this comment.

As many times as I've heard, "you're not protecting a directory, and some other people use
the phrase 'resource'..." I always thought that there was some trick to getting by the url-pattern
that no one wanted to mention.

As far as the URL vs directory, the server is pretty locked down - so I'm told, and the IP
I use is the IP of the host.  

Ultimately I wanted to restrict access to the URL /rest/admin to requests made by the local
host only to that URL.

webapps
  rest
    www
      admin

Leo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message