WebdavServlet and different users
Hello.
I have set up a simple service using the WebdavServlet (mapped to /*)
for a single user. I have overrided getResources() to define a
FileDirContext to store the files. The security are defined in web-xml
as a security-constraint. Everything is working very well.
So, someone want this service to work with more than one user :) The
different users should not see each other files. I could ask user a to
use url http://server.com/service/a and user b to use url
http://server.com/service/b, but how can I protect /b from user a and
/a from user b? Is it possible to define a url-pattern like
/${username}/* in a security-constraint in web.xml?
Perhaps I should jump to slide? So far WebdavServlet has been perfect.
- Tore.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: WebdavServlet and different users
On Nov 3, 2004, at 9:36, Tore Halset wrote:
I have set up a simple service using the WebdavServlet (mapped to /*)
for a single user. I have overrided getResources() to define a
FileDirContext to store the files. The security are defined in web-xml
as a security-constraint. Everything is working very well.
So, someone want this service to work with more than one user :) The
different users should not see each other files. I could ask user a to
use url http://server.com/service/a and user b to use url
http://server.com/service/b, but how can I protect /b from user a and
/a from user b? Is it possible to define a url-pattern like
/${username}/* in a security-constraint in web.xml?
I just put the following code in the service-method:
String username = req.getRemoteUser();
String servletpath = req.getServletPath();
removed some checking on username and servletpath
if (!(servletpath.equals(/ + username) ||
servletpath.startsWith(/ + username + /))) {
log.info(user + username + does not have access to +
servletpath);
res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
- Tore.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
tomcat as AJP frontend to other tomcats?
Hello! We are using jboss+tomcat on some servers. As we are growing and need more servers we want to introduce a frontend server. One solution would be to use Apache httpd with mod_jk to route trafic to the correct jboss+tomcat server. https://www.company.com/client1 - jboss+tomcat server 1 via AJP https://www.company.com/client2 - jboss+tomcat server 1 via AJP https://www.company.com/client3 - jboss+tomcat server 2 via AJP This are easy to configure under Linux, but this is a windows company.. Should we look for a precompiled Apache httpd with matching mod_jk and mod_ssl? Or compile it myself? Or should we use IIS? Is it possible to run tomcat on the frontend server and act as a Apache httpd + mod_jk + mod_ssl? Are there any other options we should take a look at? Regards, - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: tomcat as AJP frontend to other tomcats?
On Sep 9, 2004, at 15:24, QM wrote: On Thu, Sep 09, 2004 at 02:19:30PM +0200, Tore Halset wrote: : Is it possible to run tomcat on the frontend server and act as a Apache : httpd + mod_jk + mod_ssl? Are there any other options we should take a : look at? I've never used it, but I understand the Tomcat Balancer webapp does this and more. Will the balancer webapp proxy or just redirect? We want to hide multiple servers behind one frontend. The clients use https. - Tore. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
