File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

turn off security constraint for a directory

 
Stephen Huey
Ranch Hand
Posts: 618
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The webapp is located at \Tomcat\webapps\mywebapp and that directory has several subdirectories like \Tomcat\webapps\mywebapp\cache\ and \Tomcat\webapps\mywebapp\images\ and these are all protected by one global security constraint (the url-pattern is /* so everything in there is off-limits if you're not authenticated). I'm trying to figure out if there's a way to specify a directory that is an exception, meaning you could access a file in it (if you knew the URL to the file) without being authenticated. Bascially, how can I make a file in \Tomcat\webapps\mywebapp\newdirectory\ be accessible to you without you having to log in?

I'm posting the complete web.xml in mywebapp\WEB-INF\ so you can see what I'm talking about. Also, I'm trying to modify the original developer's work, so I've been using Windows Grep to try and find out where the web resource ADE Supply is mentioned elsewhere, but honestly, I can't find it! How does it know what directory is being specified? Also, do you think this is the same ADE Supply mentioned in the realm-name at the bottom, or is it just circumstantial that they have the same name?

Thanks for your help!


 
leon fan
Greenhorn
Posts: 19
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The whole security mechemism is defined by Java Servlet Specification and implemented by container,
I guess you couldn't find ADE string in your own program.

Seemed there don't exist a better way except list all constraint directory instead of '/*' in entity 'url-pattern', so user can access your exception file without being authenticated
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic