Hi, I've looked for an answer to this in the archives, but can't see one. Apologies if this is an apache question. I have an apache Tomcat 3.2.2 set-up, with a single webapp context. I use apache to serve all static content, but many of the pages in the app sub directories have .htm extensions, but provide dynamic content. I want to prevent all browser access to all directories under the webapp root, (except a log in page).
The problem is if I restrict access via the apache conf file, the webapp stops working as no 'static' content is served such as stylesheets and script files. Does the answer lie in realms ? or is it an apache set-up problem ? One solution I suppose is to stop apache serving static content, - but will users need to authenticate all pages ? Thanks