This week's book giveaway is in the Beginning Java forum.
We're giving away four copies of Learn Java with Math: Using Fun Projects and Games and have Ron Dai on-line!
See this thread for details.
Win a copy of Learn Java with Math: Using Fun Projects and Games this week in the Beginning Java forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Junilu Lacar
  • Martin Vashko
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Scott Selikoff
  • salvin francis
  • Piet Souris

password protecting directories under Tomcat

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is it possible to implement simple password protection for user directories under Tomcat, where Tomcat is running at a hosting company (So I cannot use conf/tomcat-user.xml, or add to server.xml, etc)

I can set up a simple test locally, using <security-constraint> in web.xml. It works fine, but it relies on conf/tomcat-user.xml.

All I want to do is emulate the simple apache .htaccess password protected directories.

Thanks
Andrew
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is no equivalent to .htaccess in JEE.
URLs in JEE are not necessarily tied to files in directories.


Originally posted by Andrew Connick:

I can set up a simple test locally, using <security-constraint> in web.xml. It works fine, but it relies on conf/tomcat-user.xml.



It relies on roles.
tomcat-users.xml is one way to set up users and roles.
See:
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html
 
Andrew Connick
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I did look at the Realm how-to information before. It starts by saying you add to server.xml. I can't do that, because that's controlled by the web host. Is it possible to put it in context.xml ?

(and it certainly didn't look like the 'simple' solution I was hoping for !)

Thanks
Andrew
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by Andrew Connick:

(and it certainly didn't look like the 'simple' solution I was hoping for !)



Apache web server thinks in terms of serving or executing files in directories. JEE servers map url-patterns to defined resource but can also serve up static resources and execute JSP files in directories. It would be difficult, in a more complex environment to do something as simple as htaccess.

If you're not averse to some coding, it would be fairly simple to write a filter to restrict access to specified directories.
 
Shiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!