How to password protect a directory?
Hi, I have several directories mapped to my Tomcat instance with context.xml like this: ?xml version=1.0 encoding=ISO-8859-2? Context cookies=false docBase=/home/stats/some_dir path=/stats / There're only html files there. No JSP, servlets, and of course no WEB-INF. How can I password protect those directories (or webapps)? Do I have to create appropriate WEB-INF/web.xml and security constraints? Or is there any simpler solution? -- Mikolaj Rydzewski [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: How to password protect a directory?
Mikolaj Rydzewski a écrit : Hi, I have several directories mapped to my Tomcat instance with context.xml like this: ?xml version=1.0 encoding=ISO-8859-2? Context cookies=false docBase=/home/stats/some_dir path=/stats / There're only html files there. No JSP, servlets, and of course no WEB-INF. How can I password protect those directories (or webapps)? Do I have to create appropriate WEB-INF/web.xml and security constraints? Or is there any simpler solution? Only static resources? Yes, there is a simpler solution, don't use tomcat, use an apache web server and a .htaccess file. If you really need tomcat, yes, a web.xml is highly recommanded then. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to password protect a directory?
With Tomcat you can also use a URL Rewrite Filter to transparently (HTTP 200) redirect requests to the protected folder to a HTTP 403 status or a password required page. But I can't gurantee if URL Rewriting makes the directory fully secure. - Original Message From: David Delbecq [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Tuesday, December 5, 2006 5:58:53 AM Subject: Re: How to password protect a directory? Mikolaj Rydzewski a écrit : Hi, I have several directories mapped to my Tomcat instance with context.xml like this: ?xml version=1.0 encoding=ISO-8859-2? Context cookies=false docBase=/home/stats/some_dir path=/stats / There're only html files there. No JSP, servlets, and of course no WEB-INF. How can I password protect those directories (or webapps)? Do I have to create appropriate WEB-INF/web.xml and security constraints? Or is there any simpler solution? Only static resources? Yes, there is a simpler solution, don't use tomcat, use an apache web server and a .htaccess file. If you really need tomcat, yes, a web.xml is highly recommanded then. Cheap talk? Check out Yahoo! Messenger's low PC-to-Phone call rates. http://voice.yahoo.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to password protect a directory?
Rashmi Rubdi wrote: With Tomcat you can also use a URL Rewrite Filter to transparently (HTTP 200) redirect requests to the protected folder to a HTTP 403 status or a password required page. But it would force me to write some code ;-) I've added another ProxyPass rule in apache and created appropriate .htacces file. -- Mikolaj Rydzewski [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: How to password protect a directory?
Ok, cool. The solution suggested is for those who don't have Apache HTTP server. But since you have it, it's much easier and secure to use the HTTP server. - Original Message From: Mikolaj Rydzewski [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Tuesday, December 5, 2006 11:08:15 AM Subject: Re: How to password protect a directory? Rashmi Rubdi wrote: With Tomcat you can also use a URL Rewrite Filter to transparently (HTTP 200) redirect requests to the protected folder to a HTTP 403 status or a password required page. But it would force me to write some code ;-) I've added another ProxyPass rule in apache and created appropriate .htacces file. -- Mikolaj Rydzewski [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
