-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ravi,
(Moving the discussion back onto the list: please reply to the list and not to individuals. That's what community is about.) On 3/3/14, 5:29 PM, Ravi Gupta wrote: > Thanks, the issue is that my customer does not want to restrict > the admin-console in it's war - the rational is anybody can then > just redeploy a new admin-console.war and access it (overwrite the > restrictions). They want to restrict access to this context from > OUTSIDE the actual deployment. Make sense? It makes perfect sense. To deploy your web application in a "safe" way, you need to do the following: 0. Start with a stopped Tomcat. 1. Put the WAR wherever you want it to live. CATALINA_BASE/webapps is fine. 2. Extract META-INF/context.xml from your WAR file and place it in CATALINA_BASE/conf/[engine]/[host]/[appname].xml 3. Modify [appname].xml to add whatever restrictions you want. 4. Start Tomcat. If you overwrite the WAR file, the restrictions you have set should be maintained. Note that if you /undeploy/ the webapp and then redeploy it, any customizations will be lost and will have to be re-applied. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJTFQPbAAoJEBzwKT+lPKRYRmoQALE8fXXv+UVHkMCwzBHHfyvI FVfO8pxCEk8oxvrMunLjC/E2+O8KVCCSDYEjWYYuQs0L1cKjEWyuF6w0P8QDo6fB lE1pxuShreC1SMMZBEGf9GX0QORPgAB1C4tFnKEYP7/O/0l0KORGh81/AolhroG+ 8UvlNbFeb0LUR/ABHjdc2PN1UVL3FjruFMhkJSu0ZGqK8TpO7D74VWG2B5JD6zy6 ecFKQVSKf7wCLYJ5vXLpyLFJ/H5DKb6c5BBa7L0Edw+bEM8/YM9f7eoXl77TyBup Lhx19LOzrfFqcDNPXpqiSKy8VCEJH0TNd1iegJwWH4uTK/BYOu38pALspQ6piGjJ re8/goyGahK4Ii7A7B6463I/WqzuSwYxzoNYOMFd0db3gp5gzCq8u6MUgx1jTupA iG4f9SvGC4pvytTKujS/c36uHVipn3YbgTZzbsyhUug7VvTn5uSZUN1e68v+y9LA JV0sLGlzay6STujPamVInO6ICOEiqnY5TuoRoedmlYSLC0dkT5Nvpw9G4trL0WMc WZLVlKKgd3eQU4hUBNqeVfnlmwRuE2LFwHdAC1TpyWVsHkNaTtcCMq/YMkl+xAD0 4uka25gHs3g+j7KmGvvo4gjnPY1ODfTJbYrAdlhSZoMkuesyAW8gaYqG4NR6FoWm /tcZDv4FLrEtv5zXrz9l =L2bz -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org