Cant you use
<Location "/my_secured_resource">
Order Deny,Allow
Deny from all
Allow from .company.com
</Location>
Regards
Guru
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 18 July 2005 14:30
To: tomcat-user@jakarta.apache.org
Subject: Re: Apache-like Deny/Allow directives
The "deny" directives in the httpd.conf are not respected when it comes to
pages ending with either of the .jsp or .do extensions, and are therefore
relayed to Tomcat which then gives the response to the browser.
The Deny directives are not respected for these requests.
But I know that Apache still respects those directives, because all I can
access from outside of my .company.com domain is the plain html, without any
images or any style sheet.
This behavior is confirmed by the Apache access.log and error.log
Finaly, to answer your question, my problem is not that I can't restrict
access to areas, it is that my restrictions defined in httpd.conf are not
respected when it comes to dynamic content.
Luc Boudreau
Université du Québec
Canada
-----Message d'origine-----
De : Justin Crabtree [mailto:[EMAIL PROTECTED]
Envoyé : 15 juillet 2005 10:02
À : Tomcat Users List
Objet : Re: Apache-like Deny/Allow directives
[EMAIL PROTECTED] wrote:
> Is there any way, with Tomcat, to block connections from domains and allow
only certain ones, just like the Apache directive :
>
> Order Deny,Allow
> Deny from all
> Allow from .company.com
>
> I've setup my Apache server to do this, but since all the dynamic content
is relayed to tomcat (jsp's), it is still accessible to the internet.
>
> Luc Boudreau
> Université du Québec
> Canada
Is there a reason you can't use Apache directives on the areas you wish
to restrict?
--
Justin Crabtree
Java Programmer
Ozarks Technical Community College
447-7533
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
