This week's book giveaway is in the Big Data forum.
We're giving away four copies of Elasticsearch in Action and have Radu Gheorghe & Matthew Lee Hinman on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Protect  folders outside webapps Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Elasticsearch in Action this week in the Big Data forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Protect  folders outside webapps" Watch "Protect  folders outside webapps" New topic

Protect folders outside webapps

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362

I have defined a context.xml so that the user can browse the files under that dir...for example so that it can be access through browser like http://localhost:8080/logs. Right now anybody can see this logs, but I want to protect it...Please guide me how to do?

Mary Cole
Ranch Hand

Joined: Dec 02, 2000
Posts: 362
Any suggestions guyz
John Peters

Joined: May 25, 2007
Posts: 18
I'm not familiar with context.xml files, but I googled around for a minute and found two articles on it:

Link 1

Link 2

It looks like you need to define a realm in the context.xml file (Link 1):

And then set up your web.xml file to secure that specific directory with some sort of container based authentication (Link 2).

If you're using Apache as the proxy between Tomcat, you can insert a Deny statement in a <directory> for that directory in the httpd.conf file
Authentication, Authorization, and Access Control in Apache Web Server
I agree. Here's the link:
subject: Protect folders outside webapps