----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files. Don't make us guess your problem!!!
----------------------------------------------------------------
I agree with the JSP answer. Either that, or create a servlet that checks
the session-based access, then returns the static page. You can always
serve static pages from a place that isn't 'visible' in the web server, as
long as the servlet can see them in the filesystem.
You could, alternatively, switch over to some centralized authentication /
authorization scheme like an LDAP database, and write apache and jserv
modules to do authentication there.
Plain-old htaccess isn't that flexible.
> Hello all,
>
> How can I authenticate a user to both a servlet web application (Jserv)
> AND to Apache (1.3.9 running on NT) but only require that the user log
> in once?
>
> Here's the situation:
>
> Like most websites, we have a "members only" area that only registered
> members can access. So I have implemented a "log-in servlet" that drops
> a cookie onto the client upon a successful login. Any servlet first
> checks for that cookie before serving up any "members only" content.
>
> This strategy works well for dynamically generated pages... but I also
> want to serve up some pages that are 100% static (e.g. FAQ's, help
> pages, legal babble, etc). Since these pages are 100% static, using
> Apache + SSI is ideal... but I can't figure out how to authenticate the
> user to Apache without forcing the user to log-in again (but this time
> to Apache).
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search Archives:
<http://www.mail-archive.com/java-apache-users%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
