Hi, We have a Tomcat server (without Apache HTTP server) serving on two ports, 8080 and 8443 (HTTP and HTTPS respectively) using two connectors as described in the various Tomcat SSL FAQs.
What I want to do is require users coming in on port 8443 (from the internet) to pass basic user authentication before they can access anything while still allowing our internal users on port 8080 (which will not be accessible from the internet) access without authentication. Basically, I am trying to make a secure extranet the lazy way without annoying the existing intranet users. Can anybody suggest a reasonably easy way to do this? At first I was thinking that I could just put a url-pattern inside a security-constraint in web.xml but I realised that this does not operate on the full URL so I could not filter by port number or protocol here. Thanks, Daniel. -- Daniel Rigal MSc. Systems Administrator - Jai Kudo IT Support Team. This message has been scanned for viruses by MessageLabs. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
