Hi! How does work access control with apache 'Location' directive? I'm using apache+mod_jk+tomcat with
JkMount /servlet/* ajp13 and <Location /servlet/some.servlet.*> .. require user someuser </Location> and apache seems to ignore this access control restriction when I'm entering the url http://myhost.mydomain/servlet/some.servlet.example Should I include this restriction into my app's web.xml file? Anyway, adding something like <servlet-mapping> <servlet-name>invoker</servlet-name> <url-pattern>/servlet/*</url-pattern> </servlet-mapping> <security-constraint> <web-resource-collection> <web-resource-name>myhost.mydomain</web-resource-name> <url-pattern>/servlet/some.servlet.*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>somerole</role-name> </auth-constraint> </security-constraint> does not require to authenticate too. What am I doing wrong? TIA Richard. -- "First they ignore you. Then they laugh at you. Then they fight you. Then you win." - Mohandas Gandhi. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>