BJARTE wrote:
>
> I'm in the design phase of a system that will run on Stronghold 2.4.1
> (Apache 1.3.3) with JServ1.0.3.
>
> I will have one servlet to interact with regular users, generaing web-pages
> from database etc. And another servlet to deal with administration of the
> system - adding users etc.
>
> To restrict access client certificates will be used.
>
> No my question is if it is possible to restrict access to the admin servlet
> so that ordinary users will only be able to run the client servlet, while
> users with a certificate with the right privileges will also be able to run
> the admin servlet?
>
> Is it possible in Stronghold/Apache to have access control where different
> certificates have access to different servlets?
>
Use the same options you would use for the <Directory> thing, but
instead of specifying them within <Directory>, you have to specify them
within a <Location> tag.
Ex.
<Location /servlets>
deny from all
allow from localhost
....
</Location>
Pier
--
Pierpaolo Fumagalli - Java Apache Project - <http://java.apache.org/>
E-Mail <mailto:[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED]>
---------------------------------------------------------------------
You can't call yourself a real UNIX administrator until you've edited
a sendmail.cf file. But others can call you crazy if you attempted to
do it twice. What about moving to something smarter?
---------------------------------------------------------------------
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html/>
Problems?: [EMAIL PROTECTED]
