Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Other Java Products and Servers and the fly likes User Authentication for subfolder not working in Web browser Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Products » Other Java Products and Servers
Bookmark "User Authentication for subfolder not working in Web browser" Watch "User Authentication for subfolder not working in Web browser" New topic
Author

User Authentication for subfolder not working in Web browser

Ratish Saseendran
Greenhorn

Joined: Apr 13, 2012
Posts: 1
We are using Oracle Application and Database Server for our application.

One of the functionalities of the Application is to send emails with attachments.

The logic is that the Application would generate the attachment file on the Application Server.

Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.

Exchange and Relay Server is also set in the Application.

The problem is that the folder containing the folder which stores the attachments is having user authentication set.

Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.

Alias created in httpd.conf

Alias /int-dir/ "/apps/interface/"

The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.

Application Server : 10.12.213.21

Database Server : 10.12.213.22

Email Server : 10.12.213.44

Configuration as per httpd.conf

Alias /int-dir/ "/apps/interface/"

<Location /int-dir/>
AuthName "Interface folder"
AuthType Basic
AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
require user scott
</Location>


<Location /int-dir/email>
Options Indexes Multiviews IncludesNoExec
Order deny,allow
Deny from all
Allow from 10.12.213.21
Allow from 10.12.213.22
Allow from 10.12.213.44
</Location>

Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :

http://10.12.213.21:7778/int-dir/ - it prompts for user authentication

However if we use the following URL :

http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.

I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.

Please help me if you can.

Thanking you in advance,

GLad to give any more information that i can.

dxbrocky
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19552
    
  16

That's not Tomcat, that's Apache HTTPD. Although the two can work together, they are unrelated.


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15661
    
  15

Welcome to the JavaRanch, Rocky!

As Rob said, you are actually dealing with Apache HTTP, which is not the same thing as Apache Tomcat, but this is still about the best forum to ask in.

It appears to me as though it's doing exactly what you told it to do. You defined Location /int-dir/ and Location /int-dir/email.

For /int-dir you said "require user scott". Which considering you're an Oracle shop probably isn't the wisest user ID to pick, but that's another matter.

For /int-dir/email, you didn't say anything about user requirements. If you wanted a login there, you should have included a "require valid-user" and user authorization information. To forbid listing the index, you should have requested "Noindexes".

Customer surveys are for companies who didn't pay proper attention to begin with.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: User Authentication for subfolder not working in Web browser
 
Similar Threads
Source jsp code visible in apache
Sending an HTTP request from behind Apache
Tomcat + Apache configuration servlet access problem
java mail attachments
How To Send Multiple Attachments In An Email