"Carver,F,NAIDP,CARVERFK M" wrote:
>
> Can anyone help me with this problem. I've
> looked through all the documents I can find, but
> I'm none the wiser.
>
> I've set up a zone (called tools) which I have
> successfully mounted (as /tools/servlets) and
> I can use my servlets to my heart's content.
> I also have a selection of CGI scripts which live
> at /tools/cgi. These work too.
>
> However, what I now want to do is to put the
> whole "tools" directory tree inside some realm
> authorization, to prevent unauthorized users
> from running the servlets or CGI scripts.
>
> My first approach was to put realm authorization
> on the /tools directory. This works, sort of.
> I now have to enter a name and password to see
> a directory listing of /tools or to run the CGI
> scripts. But I can still access the servlets
> without needing any authorization.
>
> How do I "turn on" realm authorization for a
> Jserv zone?
>
> Thanks in advance,
>
> Frank.
>
Put in httpd.conf
<location /tools/servlet>
deny from ....
allow from ....
....
</location>
(Change ... with your authorization parameters...)
Should work...
Pier
--
Pierpaolo Fumagalli - Java Apache Project - <http://java.apache.org/>
E-Mail <mailto:[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED]>
---------------------------------------------------------------------
You can't call yourself a real UNIX administrator until you've edited
a sendmail.cf file. But others can call you crazy if you attempted to
do it twice. What about moving to something smarter?
---------------------------------------------------------------------
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html/>
Problems?: [EMAIL PROTECTED]
