On Wed, 2005-09-14 at 13:29, Hassan Schroeder wrote:
KEREM ERKAN wrote:
Apache has better directory/file restricting and handling than Tomcat
better in what way? What actual *security* issue are we talking
about -- in other words, what exploit is Tomcat susceptible to
that Apache is not?
Peter Flynn wrote:
I don't know if Kerem Erkan was talking about exploits, but I have
looked for some facility in Tomcat equivalent to Apache .htaccess
files and failed to find any mention of them. Is it possible to do
this kind of IP-level or simple username/password restriction in
Tomcat?