HI That;'s what i'm trying to do.. But the user credentials are held within a database. Ideally, I want to forward to tomcat, do the login for the user, and somehow tell IIS all static conent from the session(or user) is allowed. Equally, I dont want the users to bookmark the pdf/html files(as these people pay to see them). I'm not sure how to do this with the web server, surely there must be a standard way of achieving this. I've searched google but unable to find information about this. Cheers
-----Original Message----- From: Jess Holle [mailto:[EMAIL PROTECTED] Sent: Mon 17/10/2005 20:34 To: Tomcat Users List Cc: Subject: Re: IIS security with tomcat Sounds like IIS should be doing your authentication... Steve Gaunt wrote: >Hi > >I have IIS web server servicing static pdf/html content. However, I only want to allow access to these if they have been authenticated by tomcat(using jk2 connector on the AJP connections). > >I dont want to move these static pdf/htmls' onto tomcat(as the folder(s) size at the root is over 10G). I've tried this and after about 10 hours of use, the tomcat website hosting the static content fails. > >Ideally, the static conent should be serverd by IIS(as its good at doing that). But I dont want just anyone being able to view these? > >I've tried the response.sedREdirect("") > >and passing the "www-authentication" into the header, but since the redirect goes back to the browser and rewrites the header, this info is lossed. > >HAs anyone else had similar problems ebfore?? > > > >STeve > > >______________________________________________________________________ >This email has been scanned by the MessageLabs Email Security System. >For more information please visit http://www.messagelabs.com/email >______________________________________________________________________ > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________