WebdavServlet and different users
Hello. I have set up a simple service using the WebdavServlet (mapped to /*) for a single user. I have overrided getResources() to define a FileDirContext to store the files. The security are defined in web-xml as a security-constraint. Everything is working very well. So, someone want this service to work with more than one user :) The different users should not see each other files. I could ask user a to use url http://server.com/service/a and user b to use url http://server.com/service/b, but how can I protect /b from user a and /a from user b? Is it possible to define a url-pattern like /${username}/* in a security-constraint in web.xml? Perhaps I should jump to slide? So far WebdavServlet has been perfect. - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WebdavServlet and different users
On Nov 3, 2004, at 9:36, Tore Halset wrote: I have set up a simple service using the WebdavServlet (mapped to /*) for a single user. I have overrided getResources() to define a FileDirContext to store the files. The security are defined in web-xml as a security-constraint. Everything is working very well. So, someone want this service to work with more than one user :) The different users should not see each other files. I could ask user a to use url http://server.com/service/a and user b to use url http://server.com/service/b, but how can I protect /b from user a and /a from user b? Is it possible to define a url-pattern like /${username}/* in a security-constraint in web.xml? I just put the following code in the service-method: String username = req.getRemoteUser(); String servletpath = req.getServletPath(); removed some checking on username and servletpath if (!(servletpath.equals(/ + username) || servletpath.startsWith(/ + username + /))) { log.info(user + username + does not have access to + servletpath); res.sendError(HttpServletResponse.SC_UNAUTHORIZED); return; } - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
tomcat as AJP frontend to other tomcats?
Hello! We are using jboss+tomcat on some servers. As we are growing and need more servers we want to introduce a frontend server. One solution would be to use Apache httpd with mod_jk to route trafic to the correct jboss+tomcat server. https://www.company.com/client1 - jboss+tomcat server 1 via AJP https://www.company.com/client2 - jboss+tomcat server 1 via AJP https://www.company.com/client3 - jboss+tomcat server 2 via AJP This are easy to configure under Linux, but this is a windows company.. Should we look for a precompiled Apache httpd with matching mod_jk and mod_ssl? Or compile it myself? Or should we use IIS? Is it possible to run tomcat on the frontend server and act as a Apache httpd + mod_jk + mod_ssl? Are there any other options we should take a look at? Regards, - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat as AJP frontend to other tomcats?
On Sep 9, 2004, at 15:24, QM wrote: On Thu, Sep 09, 2004 at 02:19:30PM +0200, Tore Halset wrote: : Is it possible to run tomcat on the frontend server and act as a Apache : httpd + mod_jk + mod_ssl? Are there any other options we should take a : look at? I've never used it, but I understand the Tomcat Balancer webapp does this and more. Will the balancer webapp proxy or just redirect? We want to hide multiple servers behind one frontend. The clients use https. - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]