We got around this by implementing application level security. Using
Servlets you have access to the standard browser authentication and every
servlet that implements the WebAuthentication interface that we created
requires a valid user. We store the username password and access privelages
in a JDBC compatible database, making it much easier to manage than standard
Apache impelementation.
If you want some sample code to add to your servlets then let me know and I
will mail it to you.
Regards,
Shaun Collopy
Dow Digital
http://www.dowdigital.com.au
-----Original Message-----
From: Steve Nguyen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>;
[EMAIL PROTECTED]
<[EMAIL PROTECTED]>
Date: Wednesday, May 19, 1999 11:36 AM
Subject: Re:Re: Can I authenticate users in JServ?
>I have not try this, but seems a bit troublesome as most of ISPs will not
allow you to add/change their httpd.conf (except virtual server or dedicated
which are very expensive). Will try with .htaccess today;
>
>Steve Nguyen
>[EMAIL PROTECTED]
>Professional in Mail & Java(tm) for ISPs
>KBMail Professional Software & Service Provider
>http://www.kbmail.com
>
>
>
>-------- Original message --------
>Return-Path: <[EMAIL PROTECTED]>
>Received: from cgi.clearink.com (cgi.clearink.com [205.227.188.8])
> by bizserv.biz1.net (8.9.2/8.9.2) with SMTP id WAA04317
> for <[EMAIL PROTECTED]>; Tue, 18 May 1999 22:26:46 -0500 (CDT)
>Received: from base2inc.com by cgi.clearink.com with SMTP; Tue, 18 May
> 1999 20:25:55 -0700
>Message-ID: <03c801bea1a9$12692c20$[EMAIL PROTECTED]>
>From: "Frank Morton" <[EMAIL PROTECTED]>
>To: "Java Apache Users" <[EMAIL PROTECTED]>
>References: <[EMAIL PROTECTED]>
>Subject: Re: Can I authenticate users in JServ?
>Date: Tue, 18 May 1999 22:38:33 -0500
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Mailer: Microsoft Outlook Express 5.00.2314.1300
>X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
>Reply-To: "Java Apache Users" <[EMAIL PROTECTED]>
>Sender: <[EMAIL PROTECTED]>
>Precedence: Bulk
>List-Software: LetterRip Pro 3.0.5b5 by Fog City Software, Inc.
>List-Subscribe: <mailto:[EMAIL PROTECTED]>
>List-Digest: <mailto:[EMAIL PROTECTED]>
>List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
>----------------------------------
>
>> #1. is to read the FAQ, the .htacess methods are well covered in there.
>>
>> #2. is to use a servlet framework such as Dash
>> <http://www.working-dogs.com/dash/> that make it easy to implement a
>> database backed security model.
>
>
>I do mine by inserting something like the following in httpd.conf:
>
><Location /servlets/<whateverzone>>
>Options None
>AllowOverride AuthConfig
>AuthUserFile /usr/local/apache/security/<whateverzone>/users
>AuthGroupFile /usr/local/apache/sercurity/<whateverzone>/groups
>AuthName "Secure Servlets In <whateverzone>"
>AuthType Basic
>require valid-user
></Location>
>
>I thought that .htaccess didn't work? Anyway, the above works for me.
>
>Note: We need to all thank jon for being so responsive, even with the
>constant frustration of referring people to the FAQ. Thanks!
>
>Frank
>[EMAIL PROTECTED]
>
>
>
>
>
>-- --------------------------------------------------------------
>To subscribe: [EMAIL PROTECTED]
>To unsubscribe: [EMAIL PROTECTED]
>READ THE FAQ!!!! <http://java.apache.org/faq/>
>Archives and Other: <http://java.apache.org/main/mail.html/>
>Problems?: [EMAIL PROTECTED]
>
>
>
>
>-- --------------------------------------------------------------
>To subscribe: [EMAIL PROTECTED]
>To unsubscribe: [EMAIL PROTECTED]
>READ THE FAQ!!!! <http://java.apache.org/faq/>
>Archives and Other: <http://java.apache.org/main/mail.html/>
>Problems?: [EMAIL PROTECTED]
>
>
-- --------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
READ THE FAQ!!!! <http://java.apache.org/faq/>
Archives and Other: <http://java.apache.org/main/mail.html/>
Problems?: [EMAIL PROTECTED]
