> From: PraDz [mailto:[EMAIL PROTECTED] > Subject: Tomcat Security > > How do i restrict users from entering the image/text files > path directly in the browser.
Instead of putting your image/text directories under your <Host>'s appBase, put them under the associated app's WEB-INF directory, where they are guaranteed to be protected, per the servlet spec. (Remember that each webapp is intended to be self-contained, so all static resources it uses should be bundled with it.) Tomcat treats anything under appBase as a webapp, so the default servlet is delivering the images and text. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]