The "deny" directives in the httpd.conf are not respected when it comes to pages ending with either of the .jsp or .do extensions, and are therefore relayed to Tomcat which then gives the response to the browser.
The Deny directives are not respected for these requests. But I know that Apache still respects those directives, because all I can access from outside of my .company.com domain is the plain html, without any images or any style sheet. This behavior is confirmed by the Apache access.log and error.log Finaly, to answer your question, my problem is not that I can't restrict access to areas, it is that my restrictions defined in httpd.conf are not respected when it comes to dynamic content. Luc Boudreau Université du Québec Canada -----Message d'origine----- De : Justin Crabtree [mailto:[EMAIL PROTECTED] Envoyé : 15 juillet 2005 10:02 À : Tomcat Users List Objet : Re: Apache-like Deny/Allow directives [EMAIL PROTECTED] wrote: > Is there any way, with Tomcat, to block connections from domains and allow > only certain ones, just like the Apache directive : > > Order Deny,Allow > Deny from all > Allow from .company.com > > I've setup my Apache server to do this, but since all the dynamic content is > relayed to tomcat (jsp's), it is still accessible to the internet. > > Luc Boudreau > Université du Québec > Canada Is there a reason you can't use Apache directives on the areas you wish to restrict? -- Justin Crabtree Java Programmer Ozarks Technical Community College 447-7533 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
