This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Protect  folders outside webapps Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Protect  folders outside webapps" Watch "Protect  folders outside webapps" New topic

Protect folders outside webapps

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362

I have defined a context.xml so that the user can browse the files under that dir...for example so that it can be access through browser like http://localhost:8080/logs. Right now anybody can see this logs, but I want to protect it...Please guide me how to do?

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Any suggestions guyz
John Peters

Joined: May 25, 2007
Posts: 18
I'm not familiar with context.xml files, but I googled around for a minute and found two articles on it:

Link 1

Link 2

It looks like you need to define a realm in the context.xml file (Link 1):

And then set up your web.xml file to secure that specific directory with some sort of container based authentication (Link 2).

If you're using Apache as the proxy between Tomcat, you can insert a Deny statement in a <directory> for that directory in the httpd.conf file
Authentication, Authorization, and Access Control in Apache Web Server
subject: Protect folders outside webapps
Similar Threads
How to password-protect ALL of Tomcat?
compiling and deploying into Tomcat
Access request object from HttpSessionListener
clearing the log files?
Simple Error..404 Error..But no solution