Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Tomcat admin pages

 
Nicholas Turner
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a few jsp pages for admin duties on my web site I created.
Is there a proper way to successfully separate them. I already have a secured area for customers so how would I have an additional login area for an administrator?
thanks,
Nick
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you're using container managed security features, then you'd simply make all you admin pages accesible through a certain URL pattern (like /admin/*) and then place security on that pattern.
 
Nicholas Turner
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
uhhh, how would i know if i'm using container managed features?
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I already have a secured area for customers

How are you securing it? Are you using 'programmatic' security, meaning... you've coded a login page and you check a username/password submission against a database, place a logged in user into the session, and on every page that is 'secure', you check for that user first?

-or-

Did you use Tomcat's built-in security features?

Either way... just continue to use either of those methods.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html
 
Nicholas Turner
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well i use tomcats builtin security methods for the customer secure area.
but I want 2 secure areas, one for customers and one for the admin.
 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
well, you can have both through the built-in. I'm not sure what the question is, if you're already using the built-in security features. Just use them again, for the other set of pages.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic