Am 27.01.2012 15:28, schrieb Luciano Andress Martini:
Sorry where is the correct place to put this security constraint?
The web.xml file is an essential part of each Tomat web application. It
is located in <myapp>/WEB-INF/web.xml.
2012/1/27, Luciano Andress Martini<777u...@gmail.com>:
Thomas Rohde:
With this tomcat still can upload files? Cause it need to can =[
2012/1/27, Luciano Andress Martini<777u...@gmail.com>:
Thomas Rohde
Man thank you very much, i will try it now! =]
2012/1/27, Luciano Andress Martini<777u...@gmail.com>:
Humm sorry friends im not trying to fight, i just really need to do
that.
I will try to draw what i want to happen, maybe my english is very poor.
(TOMCAT SERVER) says
-Yes i can access
/var/lib/tomcat6/webapps/temporarios/upload_contracheque i can upload
files here.
(USER) says
-No i cant access
/var/lib/tomcat6/webapps/temporarios/upload_contracheque/
(TOMCAT LIST HELPER) says
Luciano, Idiot you need to move this directory outside tomcat6
upload_contracheque.
(DEVELOPER) says
Luciano Idiot, i never will move this directory, you just need to
block it, as you do in Apache2. You dont know how to do that?
Understand now?
2012/1/27, Luciano Andress Martini<777u...@gmail.com>:
I really want to block a directory like
/webapps/temporarios/upload_contracheque
Yes is the first option but withou moving the directory outside
tomcat, because im not the developer of the system, and i just put
this system on the server.... and i really need to simple block this
directory...=//
I need to block this, in the similar way that i do in apache...
/var/lib/tomcat6/webapps/temporarios/upload_contracheque
I really cant move this outside this directory.
Thank you.
2012/1/27, André Warnier<a...@ice-sa.com>:
Luciano Andress Martini wrote:
I need to do this in tomcat6:
Apache2 form:
<Directory /var/www/temporarios/upload_contracheque>
Order allow,deny
deny from all
</Directory>
I think that you are again not very clear, but I will try to guess.
There is no direct equivalent of the above in Tomcat, because Tomcat
works
on the base of
"context" rather than "disk directory".
(For an Apache2 equivalent, think<Location> instead of<Directory>).
So to re-phrase your question :
You have a directory in Tomcat, like (tomcat_dir)/webapps/mywebapp/X ,
and
you want to
prevent (all) web users from accessing the content of that
sub-directory
X.
Yes ?
If yes, then the best way of achieving this is probably to have this
directory be outside
of the Tomcat /webapps/ space (better even, totally outside the Tomcat
directory tree).
If you need to access it from Apache2, then you can always use an
Alias
in
Apache2.
E.g.
/var/www/site1/docs/ = Apache2 DocumentRoot
/var/www/tomcat/webapps/ = Tomcat webapps dir
/var/www/temporarios/upload = directory where the files are uploaded
In Apache2 :
Alias /temporarios/ /var/www/temporarios/
<Directory /var/www/temporarios>
..... (Allow/deny and other things) ...
</Directory>
In Tomcat : nothing (Tomcat will not even see this directory, and no
Tomcat
URL can reach
it).
If your Tomcat webapp needs to read/write there, then you decide that
inside
your Tomcat
webapp.(And you give the Apache and the Tomcat user the appropriate
user-id
& permissions
to read/write there).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
