If I use htaccess, is the user not going to be prompted an
authentication dialog? That would be not so nice, if the user has
already completed the form based authentication, and then has to
authenticate for htaccess as well.
I guess what I want to do is simply not possible and doesn't make sense.
If Tomcat is "bypassed" by Apache for static content, how should it
handle security for these requests.
Edao, Aliye schrieb:
Hi,
Why don`t you use Apache to protect your static contents??
You might want to use .htaccess ??
http://www.csoft.net/docs/micro/htaccess.html.en
Mit freundlichem Gruß / kind regards
Dr. Aliye Edao
-Ursprüngliche Nachricht-
Von: Torsten Römer [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 17. Juni 2005 00:42
An: Tomcat Users List
Betreff: Container Managed Security and mod_jk/Static Contents
Hello!
In order to improve performance for static contents I have setup Apache
with mod_jk. Now only Struts' *.do requests are served by Tomcat, the
rest is done by Apache. Works fine.
Now I want to restrict access to some resources using using container
managed security. That also works fine, but, and that is now my question:
I also want to protect static contents, but that won't work with
container managed security, because these requests are handled by Apache
and don't even make it to Tomcat. Of course I could just mount the
contents to be protected to Tomcat, but then I'll lose the performance
advantage of having them served by Apache.
Do I have to live with that or do I have a stupid setup?
Torsten
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]