File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Protect  folders outside webapps Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Protect  folders outside webapps" Watch "Protect  folders outside webapps" New topic

Protect folders outside webapps

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362

I have defined a context.xml so that the user can browse the files under that dir...for example so that it can be access through browser like http://localhost:8080/logs. Right now anybody can see this logs, but I want to protect it...Please guide me how to do?

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Any suggestions guyz
John Peters

Joined: May 25, 2007
Posts: 18
I'm not familiar with context.xml files, but I googled around for a minute and found two articles on it:

Link 1

Link 2

It looks like you need to define a realm in the context.xml file (Link 1):

And then set up your web.xml file to secure that specific directory with some sort of container based authentication (Link 2).

If you're using Apache as the proxy between Tomcat, you can insert a Deny statement in a <directory> for that directory in the httpd.conf file
Authentication, Authorization, and Access Control in Apache Web Server
It is sorta covered in the JavaRanch Style Guide.
subject: Protect folders outside webapps
It's not a secret anymore!