File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Other Java Products and Servers and the fly likes User Authentication for subfolder not working in Web browser Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Other Java Products and Servers
Bookmark "User Authentication for subfolder not working in Web browser" Watch "User Authentication for subfolder not working in Web browser" New topic

User Authentication for subfolder not working in Web browser

Ratish Saseendran

Joined: Apr 13, 2012
Posts: 1
We are using Oracle Application and Database Server for our application.

One of the functionalities of the Application is to send emails with attachments.

The logic is that the Application would generate the attachment file on the Application Server.

Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.

Exchange and Relay Server is also set in the Application.

The problem is that the folder containing the folder which stores the attachments is having user authentication set.

Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.

Alias created in httpd.conf

Alias /int-dir/ "/apps/interface/"

The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.

Application Server :

Database Server :

Email Server :

Configuration as per httpd.conf

Alias /int-dir/ "/apps/interface/"

<Location /int-dir/>
AuthName "Interface folder"
AuthType Basic
AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
require user scott

<Location /int-dir/email>
Options Indexes Multiviews IncludesNoExec
Order deny,allow
Deny from all
Allow from
Allow from
Allow from

Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL : - it prompts for user authentication

However if we use the following URL : - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.

I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.

Please help me if you can.

Thanking you in advance,

GLad to give any more information that i can.

Rob Spoor

Joined: Oct 27, 2005
Posts: 20273

That's not Tomcat, that's Apache HTTPD. Although the two can work together, they are unrelated.

How To Ask Questions How To Answer Questions
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17410

Welcome to the JavaRanch, Rocky!

As Rob said, you are actually dealing with Apache HTTP, which is not the same thing as Apache Tomcat, but this is still about the best forum to ask in.

It appears to me as though it's doing exactly what you told it to do. You defined Location /int-dir/ and Location /int-dir/email.

For /int-dir you said "require user scott". Which considering you're an Oracle shop probably isn't the wisest user ID to pick, but that's another matter.

For /int-dir/email, you didn't say anything about user requirements. If you wanted a login there, you should have included a "require valid-user" and user authorization information. To forbid listing the index, you should have requested "Noindexes".

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: User Authentication for subfolder not working in Web browser
jQuery in Action, 3rd edition