You have to define what you mean by:
> nobody else to be able to get to it
> (home directory/ or webapps/userName/).
If you want people not to be able to see other people work, the answer is
that only tomcat running as root can see everybodys stuff, when their
directory permssions are 700, but then, if they are smart, they will write
a servlet which will read other people's dirs and run it from within
TOMCAT. If you only want people not to be able to write to other people
dirs, you just tell them to have files with read permission to everybody
including tomcat.
If you want to prevent people from seeing each other stuff (and prevent them
from exploiting tomcat to see other people stuff), then, sorry to say,
you have to have a separate tomcat for everybody, running with this person
user id, all files readable only by this user (i.e., permissions 600 and
700 for dirs).
Jan
On Sun, 22 Apr 2001, Brent and Maria wrote:
> Hello tomcat users,
> This is a re-post. I got one answer, but I am looking for another way.
>
> I am trying to set up tomcat-apache on a linux machine. There are several
> accounts on the machine and all of them need to use tomcat. I want
> everyone's work in their own place and nobody else to be able to get to it
> (home directory/ or webapps/userName/). Is there a standard for doing this?
>
> How do you set up tomcat to look in separate folders/directories for
> jsps/servlets for each user?
> Please let me know (if I have been specific enough) if you know of any way
> to do this (or any resources that you can point me at to help me). I was
> thinking that I would create everyone a separte folder under the /webapps
> dir, but I was unsure about priviledges...
>
> Thanks ahead for the help, Brent
>
Jan K. Labanowski | phone: 614-292-9279, FAX: 614-292-7168
Ohio Supercomputer Center | Internet: [EMAIL PROTECTED]
1224 Kinnear Rd, | http://www.ccl.net/chemistry.html
Columbus, OH 43212-1163 | http://www.osc.edu/
