Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Protect folders outside webapps

 
Mary Cole
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have defined a context.xml so that the user can browse the files under that dir...for example so that it can be access through browser like http://localhost:8080/logs. Right now anybody can see this logs, but I want to protect it...Please guide me how to do?

Thanks
 
Mary Cole
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Any suggestions guyz
 
John Peters
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mary,
I'm not familiar with context.xml files, but I googled around for a minute and found two articles on it:

Link 1

Link 2

It looks like you need to define a realm in the context.xml file (Link 1):

And then set up your web.xml file to secure that specific directory with some sort of container based authentication (Link 2).

If you're using Apache as the proxy between Tomcat, you can insert a Deny statement in a <directory> for that directory in the httpd.conf file
Authentication, Authorization, and Access Control in Apache Web Server
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic