Cocoon 1.8.2 - .htaccess?
My search in FAQs and alternative resources have turned up nothing on cocoon security settings with .htaccess. We have a virtual host set up on Apache 1.3.14 for a development space which is to be password protected using .htaccess files. Tomcat 3.2.1 and Cocoon 1.8.2 are also set up on our Sun Solaris 5.8 platform. These are our settings for the virtual host in Apache (httpd.conf): Listen 80 Listen . . . VirtualHost xxx.xx.xx.x: DocumentRoot /usr/local/apache/www Directory / AllowOverride All Options None Allow from all /Directory /VirtualHost Tomcat and Cocoon are working well to deliver unprotected pages, but all .xml pages (handled by the cocoon server) are displayed without login. I am hoping that solving this problem will address the strange behaviour that we have recently had. This includes a login dialogue box which does not authenticate for any known userid and password. The login dialogue box has to be cancelled many times (it seems to be related to the complexity of the page). When all the dialogue boxes are cancelled, the page is displayed with all images broken. Note that if login has already occurred through a .html or .jsp file (Apache and Tomcat are authenticating as expected), these same pages are delivered fine. The .htaccess file is under the www directory and a directory of images is located under www. Tomcat settings for cocoon are: Alias /cocoon /usr/local/tomcat/webapps/cocoon Directory /usr/local/tomcat/webapps/cocoon Options Indexes FollowSymLinks /Directory ApJservMount /cocoon /cocoon AddType text/xml .xml AddHandler jserv-servlet .xml How do I make sure that cocoon does not by-pass .htaccess files? Elisa [EMAIL PROTECTED] - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faqs.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cocoon 1.8.2 - .htaccess?
On Mon, Sep 10, 2001 at 01:54:35PM -0400, Elisa Green wrote: My search in FAQs and alternative resources have turned up nothing on cocoon security settings with .htaccess. Cocoon has nothing to do with .htaccess. Cocoon runs as a servlet. Access to servlets is determined by the servlet container (tomcat). For apache, security is configured with .htaccess files, but in tomcat it's done with security-constraint entries in your webapp's WEB-INF/web.xml file. Have a look at the servlet spec for more info. --Jeff - Please check that your question has not already been answered in the FAQ before posting. http://xml.apache.org/cocoon/faqs.html To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]